7 matches found
CVE-2020-36762
A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENTBODY leads to os command injection. Upgrading to version 2.0....
CVE-2020-36762
A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENTBODY leads to os command injection. Upgrading to version 2.0....
CVE-2020-36762
CVE-2020-36762 affects the ONS Digital RAS Collection Instrument up to version 2.0.27. The root cause is a command-injection vulnerability in the function jobs of the file .github/workflows/comment.yml , caused by manipulation of the argument $COMMENT_BODY . This leads to OS command execution. Th...
CVE-2020-36762 ONS Digital RAS Collection Instrument comment.yml jobs os command injection
A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENTBODY leads to os command injection. Upgrading to version 2.0....
ONS Digital RAS Collection Instrument 操作系统命令注入漏洞
ONS Digital RAS Collection Instrument is an application from ONS Digital that is responsible for collection exercises and instrument uploads. An operating system command injection vulnerability exists in ONS Digital RAS Collection Instrument versions prior to 2.0.28, which stems from a security...
PT-2023-11902 · Unknown · Ons Digital Ras Collection Instrument
Name of the Vulnerable Software and Affected Versions: ONS Digital RAS Collection Instrument versions up to 2.0.27 Description: A critical issue was found in the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENT BODY leads to os command injection...
Directory Traversal Vulnerability in Intelligent Data Acquisition Instrument of Zhejiang Chuangyuan Environmental Technology Co.
Zhejiang Chuangyuan Environmental Technology Co., Ltd. is a private joint-stock enterprise and a science and technology-based innovative enterprise. The company mainly provides environmental monitoring technology research and development and technical services, installation and operation and...