← voltar
CVE-2014-125107

Corveda PHPSandbox String protection mechanism

CVSS 4.3 MEDIUMEPSS 0.7%CWE-693
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 4.3EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
19 dez 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability was found in Corveda PHPSandbox 1.3.4 and classified as critical. Affected by this issue is some unknown functionality of the component String Handler. The manipulation leads to protection mechanism failure. The attack may be launched remotely. Upgrading to version 1.3.5 is able to address this issue. The patch is identified as 48fde5ffa4d76014bad260a3cbab7ada3744a4cc. It is recommended to upgrade the affected component. VDB-248270 is the identifier assigned to this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Produtos afetados
Corveda · PHPSandbox

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/Corveda/PHPSandbox/commit/48fde5ffa4d76014bad260a3cbab7ada3744a4cchttps://github.com/Corveda/PHPSandbox/releases/tag/v1.3.5https://vuldb.com/?ctiid.248270https://vuldb.com/?id.248270