Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater prior to 6.0.6.
References
Link | Resource |
---|---|
https://github.com/crater-invoice/crater/commit/7cde971f8b79579951df98384a5210d25f698af5 | Patch Third Party Advisory |
https://huntr.dev/bounties/cb9a0393-be34-4021-a06c-00c7791c7622 | Exploit Third Party Advisory |
https://github.com/crater-invoice/crater/commit/7cde971f8b79579951df98384a5210d25f698af5 | Patch Third Party Advisory |
https://huntr.dev/bounties/cb9a0393-be34-4021-a06c-00c7791c7622 | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 06:39
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/crater-invoice/crater/commit/7cde971f8b79579951df98384a5210d25f698af5 - Patch, Third Party Advisory | |
References | () https://huntr.dev/bounties/cb9a0393-be34-4021-a06c-00c7791c7622 - Exploit, Third Party Advisory |
Information
Published : 2022-03-29 08:15
Updated : 2024-11-21 06:39
NVD link : CVE-2022-1032
Mitre link : CVE-2022-1032
CVE.ORG link : CVE-2022-1032
JSON object : View
Products Affected
craterapp
- crater
CWE
CWE-502
Deserialization of Untrusted Data