CVE-2022-41711
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-41711
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41711.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-41711
- Aliases
- Published
- 2022-10-25T21:15:49Z
- Modified
- 2024-05-14T12:17:40.350480Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Badaso version 2.6.0 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users.
- References
Affected packages
Git / github.com/uasoft-indonesia/badaso
Affected ranges
- Type
- GIT
- Repo
- https://github.com/uasoft-indonesia/badaso
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
1.*
1.0.0-alpha.1
1.0.0-alpha.10
1.0.0-alpha.11
1.0.0-alpha.12
1.0.0-alpha.13
1.0.0-alpha.14
1.0.0-alpha.15
1.0.0-alpha.16
1.0.0-alpha.17
1.0.0-alpha.18
1.0.0-alpha.19
1.0.0-alpha.2
1.0.0-alpha.20
1.0.0-alpha.21
1.0.0-alpha.22
1.0.0-alpha.23
1.0.0-alpha.24
1.0.0-alpha.25
1.0.0-alpha.26
1.0.0-alpha.27
1.0.0-alpha.28
1.0.0-alpha.29
1.0.0-alpha.3
1.0.0-alpha.30
1.0.0-alpha.31
1.0.0-alpha.32
1.0.0-alpha.33
1.0.0-alpha.34
1.0.0-alpha.35
1.0.0-alpha.36
1.0.0-alpha.37
1.0.0-alpha.38
1.0.0-alpha.39
1.0.0-alpha.4
1.0.0-alpha.40
1.0.0-alpha.5
1.0.0-alpha.6
1.0.0-alpha.7
1.0.0-alpha.8
1.0.0-alpha.9
1.0.0-rc
1.0.0-rc.1
1.0.0-rc.2
1.0.0-rc.3
1.0.0-rc.4
1.0.0-rc.5
2.*
2.0.0
2.0.0-alpha
2.0.0-rc
2.0.0-rc.1
2.0.0-rc.10
2.0.0-rc.11
2.0.0-rc.12
2.0.0-rc.13
2.0.0-rc.14
2.0.0-rc.2
2.0.0-rc.3
2.0.0-rc.4
2.0.0-rc.5
2.0.0-rc.6
2.0.0-rc.7
2.0.0-rc.8
2.0.0-rc.9
2.0.1
2.0.2
2.1.0
2.2.0
2.2.1
2.2.2
2.3.0
2.3.1
2.4.0
2.4.1
2.4.10
2.4.11
2.4.12
2.4.13
2.4.14
2.4.2
2.4.3
2.4.4
2.4.5
2.4.6
2.4.7
2.4.8
2.4.9
2.5.0
2.5.1
2.5.2
2.5.3
2.6.0