← voltar
CVE-2020-15101

Nested directory structure can lead to Uncontrolled Resource Consumption in freewvs

CVSS 2.8 LOWEPSS 0.6%CWE-400
Vexday Risk Score
8Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 2.8EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
14 jul 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In freewvs before 0.1.1, a directory structure of more than 1000 nested directories can interrupt a freewvs scan due to Python's recursion limit and os.walk(). This can be problematic in a case where an administrator scans the dirs of potentially untrusted users. This has been patched in 0.1.1.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Produtos afetados
schokokeksorg · freewvs