CVE-2022-40274 in GrideaИнформация

Сводка

по MITRE • 30.09.2022

Gridea version 0.9.3 allows an external attacker to execute arbitrary code remotely on any client attempting to view a malicious markdown file through Gridea. This is possible because the application has the 'nodeIntegration' option enabled.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Резервировать

08.09.2022

Раскрытие

30.09.2022

Модерация

принято

Вход

VDB-210055

EPSS

0.00434

KEV

Нет

Деятельности

Очень низкий

Источники

Do you want to use VulDB in your project?

Use the official API to access entries easily!