CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

4 matches found

OSV•added 2021/09/01 6:36 p.m.•14 views

GHSA-4574-QV3W-FCMG Deserialization of Untrusted Data in codeception/codeception

This affects the package codeception/codeception from 4.0.0 before 4.1.22 and before 3.1.3. The RunProcess class can be leveraged as a gadget to run arbitrary commands on a system that is deserializing user input without validation...

9.8CVSS9.6AI score0.00579EPSS

Exploits1References11

OSV•added 2021/08/11 1:15 p.m.•13 views

CVE-2021-23420

This affects the package codeception/codeception from 4.0.0 and before 4.1.22, before 3.1.3. The RunProcess class can be leveraged as a gadget to run arbitrary commands on a system that is deserializing user input without validation...

9.8CVSS7.1AI score

Exploits0References4

Prion•added 2021/08/11 1:15 p.m.•12 views

Input validation

This affects the package codeception/codeception from 4.0.0 and before 4.1.22, before 3.1.3. The RunProcess class can be leveraged as a gadget to run arbitrary commands on a system that is deserializing user input without validation...

10CVSS9.5AI score0.00579EPSS

Exploits1References4Affected Software1

Cvelist•added 2021/08/11 12:15 p.m.•13 views

CVE-2021-23420 Deserialization of Untrusted Data

This affects the package codeception/codeception from 4.0.0 and before 4.1.22, before 3.1.3. The RunProcess class can be leveraged as a gadget to run arbitrary commands on a system that is deserializing user input without validation...

7.7CVSS9.8AI score0.00579EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by