Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-68D18AD30060B0ED71D9EA42AAD7FADAHistoryJul 05, 2023 - 12:00 a.m.
Improper Neutralization of Special Elements used in a Command ('Command Injection')
2023-07-0500:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
6
linux server management
command injection
vulnerability fix
open source
container repositories
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
42.1%
1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6.
Affected configurations
Node
go1panelRange<v1.3.6
Related
osv
osv
1Panel vulnerable to command injection when adding container repositories
2023-07-05 21:38:07
1Panel vulnerable to command injection when adding container repositories in github.com/1Panel-dev/1Panel
2024-08-20 20:31:35
CVE-2023-36457
2023-07-05 21:15:09
prion
prion
Command injection
2023-07-05 21:15:00
cve
cve
CVE-2023-36457
2023-07-05 21:15:09
cvelist
cvelist
veracode
veracode
Command Injection
2023-07-06 07:45:20
nvd
nvd
CVE-2023-36457
2023-07-05 21:15:09
github
github
1Panel vulnerable to command injection when adding container repositories
2023-07-05 21:38:07
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
42.1%
Related for GITLAB-68D18AD30060B0ED71D9EA42AAD7FADA