PT-2020-13686 · Erlang+1 · Rebar3+1

Published

2020-09-02

·

Updated

2021-11-16

·

CVE-2020-13802

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Rebar3 versions 3.0.0-beta.3 through 3.13.2
Description The issue concerns OS command injection via the URL parameter of dependency specification.
Recommendations For versions 3.0.0-beta.3 through 3.13.2, update to a version that contains a fix for this issue.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

ALT-PU-2021-3122
ALT-PU-2021-3285
CVE-2020-13802
MGASA-2020-0470

Affected Products

Alt Linux
Rebar3