Lucene search
Veracode Vulnerability DatabaseVERACODE:34430HistoryFeb 28, 2022 - 7:12 a.m.
Remote Code Execution (RCE)
2022-02-2807:12:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.001 Low
EPSS
Percentile
47.5%
@strapi/strapi is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of input via the version number string variable.
| CPE | Name | Operator | Version |
|---|---|---|---|
| @strapi/strapi | le | 4.1.1-alpha.0 | |
| @strapi/strapi | le | 4.1.1-alpha.0 |
Related
huntr
huntr
Arbitrary Command Injection
2022-02-17 15:58:55
osv
osv
CVE-2022-0764
2022-02-26 15:15:07
Command injection in strapi
2022-02-27 00:00:15
cve
cve
CVE-2022-0764
2022-02-26 15:15:07
cnvd
cnvd
strapi OS command injection vulnerability
2022-03-01 00:00:00
prion
prion
Command injection
2022-02-26 15:15:00
nvd
nvd
CVE-2022-0764
2022-02-26 15:15:07
github
github
Command injection in strapi
2022-02-27 00:00:15
cvelist
cvelist
CVE-2022-0764 Arbitrary Command Injection in strapi/strapi
2022-02-26 14:55:09