4 matches found
CVE-2020-7931
In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorizedkeys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certa...
CVE-2020-7931
creationtimestamp| type| source ---|---|--- 2022-06-23 20:06:54+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1828...
CVE-2020-7931
In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorizedkeys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certa...
CVE-2020-7931
In Artifactory 5.x–6.x, insecure FreeMarker template processing allows remote code execution. The root cause is the DefaultObjectWrapper exposing Java functions to templates, enabling actions such as modifying a user’s .ssh/authorized_keys. Affected versions range from 5.11.8 to 6.16.0, with patc...