*Note: this issue only affects Firefox on Windows operating systems.*. The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. Arbitrary commands can be injected through the repository name. NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Vulnerabilities with a base score of 0.1 to 3.9įor those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries. Vulnerabilities with a base score of 4.0 to 6.9 Vulnerabilities with a base score of 7.0 to 8.9 Vulnerabilities with a base score of 9.0 to 10.0 ![]() The vulnerabilities are tabled based on severity, in accordance to their CVSSv3 base scores:
0 Comments
Leave a Reply. |