Lucene search

K
cve[email protected]CVE-2024-34913
HistoryMay 15, 2024 - 8:15 p.m.

CVE-2024-34913

2024-05-1520:15:13
CWE-434
CWE-79
web.nvd.nist.gov
21
arbitrary file upload
r-pan-scaffolding
pdf
code execution

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

7.7 High

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file.

Affected configurations

NVD
Node
technockingr-pan-scaffoldingRange5.0

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

7.7 High

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

Related for CVE-2024-34913