Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:27715
HistoryOct 29, 2020 - 9:46 p.m.

PHP Object Injection

2020-10-2921:46:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

0.001 Low

EPSS

Percentile

31.3%

JSON

gosa is vulnerable to PHP object injection. The vulnerability allows a remote authenticated attacker to perform file deletions in the context process worker of the web server using a malicious cookie value. This is due to lack of validation during deserializing of cookie value to restore filter settings.

CPENameOperatorVersion
gosa:xenialeq2.7.4+reloaded2-9ubuntu1

Related

openvas 2
cve 1
ubuntucve 1
prion 1
debiancve 1
nessus 2
osv 3
cvelist 1
nvd 1
debian 1
ubuntu 1
openvas
openvas
Debian: Security Advisory (DLA-1905-1)
2019-09-01 00:00:00
Ubuntu: Security Advisory (USN-4609-1)
2020-10-29 00:00:00
cve
cve
CVE-2019-14466
2019-12-31 18:15:11
ubuntucve
ubuntucve
CVE-2019-14466
2019-12-31 00:00:00
prion
prion
Design/Logic Flaw
2019-12-31 18:15:00
debiancve
debiancve
CVE-2019-14466
2019-12-31 18:15:11
nessus
nessus
Debian DLA-1905-1 : gosa security update
2019-09-03 00:00:00
Ubuntu 16.04 LTS : GOsa vulnerabilities (USN-4609-1)
2020-10-29 00:00:00
osv
osv
gosa - security update
2019-08-31 00:00:00
CVE-2019-14466
2019-12-31 18:15:11
gosa vulnerabilities
2020-10-28 19:46:46
cvelist
cvelist
CVE-2019-14466
2019-12-31 17:29:05
nvd
nvd
CVE-2019-14466
2019-12-31 18:15:11
debian
debian
[SECURITY] [DLA 1905-1] gosa security update
2019-08-31 14:32:38
ubuntu
ubuntu
GOsa vulnerabilities
2020-10-28 00:00:00

0.001 Low

EPSS

Percentile

31.3%

JSON
Related for VERACODE:27715
openvas2cve1ubuntucve1prion1debiancve1nessus2osv3cvelist1nvd1debian1ubuntu1