Abb Drive Composer vulnerabilities
5 known vulnerabilities affecting abb/drive_composer.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-3573MEDIUMCVSS 5.4≤ 2.82023-01-12
CVE-2022-3573 [MEDIUM] CWE-79 CVE-2022-3573: An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute arbitrary JavaScript on the self-hosted instances running
nvd
CVE-2022-31216HIGHCVSS 7.8≥ 2.0, < 2.7.12022-06-15
CVE-2022-31216 [HIGH] CWE-59 CVE-2022-31216: Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
nvd
CVE-2022-31217HIGHCVSS 7.8≥ 2.0, < 2.7.12022-06-15
CVE-2022-31217 [HIGH] CWE-59 CVE-2022-31217: Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
nvd
CVE-2022-31219HIGHCVSS 7.8≥ 2.0, < 2.7.12022-06-15
CVE-2022-31219 [HIGH] CWE-59 CVE-2022-31219: Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
nvd
CVE-2022-31218HIGHCVSS 7.8≥ 2.0, < 2.7.12022-06-15
CVE-2022-31218 [HIGH] CWE-59 CVE-2022-31218: Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
nvd