Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Catchethq Security Vulnerabilities

cve
cve

CVE-2021-39172

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can exploit a new line injection in the configuration edition feature (e.g. mail settings) and gain arbitrary code execution on the server. This issue was addres...

8.8CVSS

8.9AI Score

0.003EPSS

2021-08-27 11:15 PM
79
4
cve
cve

CVE-2021-39173

Cachet is an open source status page system. Prior to version 2.5.1 authenticated users, regardless of their privileges (User or Admin), can trick Cachet and install the instance again, leading to arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving the mid...

8.8CVSS

8.7AI Score

0.005EPSS

2021-08-27 11:15 PM
75
4
cve
cve

CVE-2021-39174

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (APP_KEY) and various passwords (email, database, etc). This issue ...

8.8CVSS

8.3AI Score

0.002EPSS

2021-08-28 12:15 AM
71
10