CVE-2022-1032

Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater prior to 6.0.6.
Configurations

Configuration 1 (hide)

cpe:2.3:a:craterapp:crater:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:39

Type Values Removed Values Added
References () https://github.com/crater-invoice/crater/commit/7cde971f8b79579951df98384a5210d25f698af5 - Patch, Third Party Advisory () https://github.com/crater-invoice/crater/commit/7cde971f8b79579951df98384a5210d25f698af5 - Patch, Third Party Advisory
References () https://huntr.dev/bounties/cb9a0393-be34-4021-a06c-00c7791c7622 - Exploit, Third Party Advisory () https://huntr.dev/bounties/cb9a0393-be34-4021-a06c-00c7791c7622 - Exploit, Third Party Advisory

Information

Published : 2022-03-29 08:15

Updated : 2024-11-21 06:39


NVD link : CVE-2022-1032

Mitre link : CVE-2022-1032

CVE.ORG link : CVE-2022-1032


JSON object : View

Products Affected

craterapp

  • crater
CWE
CWE-502

Deserialization of Untrusted Data