PT-2023-11820 · Ionicabizau · Node-Gry

Publicado

2023-01-11

Atualizado

2024-05-17

CVE-2020-36650

CVSS v3.1

8.0

Alta

Vetor

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IonicaBizau node-gry versions up to 5.x

Description A critical issue was found, affecting an unknown part of the software, leading to command injection. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations For IonicaBizau node-gry versions up to 5.x, upgrade to version 6.0.0 to address the issue. As a temporary workaround, consider restricting the use of the affected component until the upgrade is applied.

Correção

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-77

Identificadores relacionados

CVE-2020-36650

GHSA-W5MW-F2HQ-5FW8

Produtos afetados

Node-Gry

PT-2023-11820 · Ionicabizau · Node-Gry

CVE-2020-36650

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9