Lucene search
GitHub_MCVELIST:CVE-2020-4066HistoryJun 22, 2020 - 3:25 p.m.
CVE-2020-4066 Command Injection in Limdu trainBatch function
2020-06-2215:25:13
CWE-78
GitHub_M
www.cve.org
3.8 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
0.002 Low
EPSS
Percentile
53.0%
In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95.
CNA Affected
[
{
"product": "Limdu",
"vendor": "erelsgl",
"versions": [
{
"status": "affected",
"version": "< 0.95"
}
]
}
]Related
githubexploit
githubexploit
Exploit for OS Command Injection in Limdu Project Limdu
2020-12-01 09:45:48
cve
cve
CVE-2020-4066
2020-06-22 16:15:11
osv
osv
Command Injection in Limdu
2020-06-22 15:24:06
prion
prion
Command injection
2020-06-22 16:15:00
nvd
nvd
CVE-2020-4066
2020-06-22 16:15:11
veracode
veracode
OS Command Injection
2020-06-22 22:48:05
github
github
Command Injection in Limdu
2020-06-22 15:24:06
3.8 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
0.002 Low
EPSS
Percentile
53.0%
Related for CVELIST:CVE-2020-4066