CVE-2023-47105

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-47105
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-47105.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-47105
Aliases
Published
2024-09-18T17:15:18Z
Modified
2024-10-08T03:54:33.554557Z
Summary
[none]
Details

exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication.

References

Affected packages

Git / github.com/chaosblade-io/chaosblade

Affected ranges

Type
GIT
Repo
https://github.com/chaosblade-io/chaosblade
Events

Affected versions

v0.*

v0.10.0
v0.3.0
v0.4.0
v0.5.0
v0.6.0
v0.7.0
v0.8.0
v0.9.0

v1.*

v1.0.0
v1.2.0
v1.4.0
v1.5.0
v1.6.0
v1.7.1
v1.7.2
v1.7.3