CVE-2001-0808

3 documents3 sources
Severity
10.0CRITICAL
EPSS
3.1%
top 13.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Yngve Svendsen Gnatsweb
Timeline
PublishedDec 6
Latest updateApr 30

Description

gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDyngve_svendsen/gnatsweb4 versions+3

Patches

Patch: archives.neohapsis.comPatch: sources.redhat.comPatch: archives.neohapsis.com

🔴Vulnerability Details

2
GHSA
GHSA-jv2h-8qmf-grhx: gnatsweb2022-04-30
CVEList
CVE-2001-0808: gnatsweb2001-11-22
CVE-2001-0808 (CRITICAL CVSS 10) | gnatsweb.pl in GNATS GnatsWeb 2.7 t | cvebase.io