Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:21755
HistoryOct 21, 2019 - 9:13 a.m.

Code Injection

2019-10-2109:13:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5

0.022 Low

EPSS

Percentile

89.5%

JSON

sagecell is vulnerable to arbitrary code injection. The vulnerability exists as it allows injection of malicious OS commands via the popen command during communication with the SageMath Sage Cell Server via an internet facing web application.The vendor claims this vulnerability as a “vulnerable by design” and that the current behavior will be retained.

CPENameOperatorVersion
sagecellle0.3rc6

Related

cvelist 1
prion 1
nvd 1
cve 1
cvelist
cvelist
CVE-2019-17526
2019-10-18 16:15:08
prion
prion
Code injection
2019-10-18 17:15:00
nvd
nvd
CVE-2019-17526
2019-10-18 17:15:10
cve
cve
CVE-2019-17526
2019-10-18 17:15:10

0.022 Low

EPSS

Percentile

89.5%

JSON
Related for VERACODE:21755
cvelist1prion1nvd1cve1