versionn, software for changing version information across multiple files, has a command injection vulnerability in all versions prior to version 1.1.0. This issue is patched in version 1.1.0.
References
Configurations
History
21 Nov 2024, 07:50
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/commenthol/versionn/commit/2ca128823efe962b37f2698f0eb530c2b124842d - Patch | |
References | () https://github.com/commenthol/versionn/security/advisories/GHSA-fj78-2vc5-f6cm - Third Party Advisory |
01 Mar 2023, 17:40
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/commenthol/versionn/security/advisories/GHSA-fj78-2vc5-f6cm - Third Party Advisory | |
References | (MISC) https://github.com/commenthol/versionn/commit/2ca128823efe962b37f2698f0eb530c2b124842d - Patch | |
CWE | CWE-77 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CPE | cpe:2.3:a:versionn_project:versionn:*:*:*:*:*:*:*:* |
21 Feb 2023, 14:50
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-20 16:15
Updated : 2024-11-21 07:50
NVD link : CVE-2023-25805
Mitre link : CVE-2023-25805
CVE.ORG link : CVE-2023-25805
JSON object : View
Products Affected
versionn_project
- versionn
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')