Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater prior to 6.0.6.
References
Link | Resource |
---|---|
https://github.com/crater-invoice/crater/commit/7cde971f8b79579951df98384a5210d25f698af5 | Patch Third Party Advisory |
https://huntr.dev/bounties/cb9a0393-be34-4021-a06c-00c7791c7622 | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2022-03-29 08:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-1032
Mitre link : CVE-2022-1032
CVE.ORG link : CVE-2022-1032
JSON object : View
Products Affected
craterapp
- crater
CWE
CWE-502
Deserialization of Untrusted Data