Lucene search

[email protected]CVE-2023-50693

HistoryJan 19, 2024 - 8:15 p.m.

CVE-2023-50693

2024-01-1920:15:11

[email protected]

web.nvd.nist.gov

dom96 jester

v0.6.0

cve-2023-50693

remote code execution

security vulnerability

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.5%

JSON

An issue in Jester v.0.6.0 and before allows a remote attacker to send a malicious crafted request.

Affected configurations

NVD

Node

jester_projectjesterRange≤0.6.0

CPENameOperatorVersion
jester_project:jesterjester project jesterle0.6.0

CPE	Name	Operator	Version
jester_project:jester	jester project jester	le	0.6.0

References

gist.github.com/anas-cherni/dd297786750f300a2bab3bb73fee919b

github.com/dom96/jester/issues/326

github.com/dom96/jester/pull/327

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.5%

JSON

Related for CVE-2023-50693

cvelist1 osv1 prion1 nvd1