CVE-2020-36388
HIGH8.8EPSS 0.66%發布日:2021/6/17修改日:2026/4/28
描述
In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive.
受影響套件(2)
- Bitnami/civicrmfrom 0, < 5.21.3, >= 5.22.0, < 5.24.3
- Debian/civicrmfrom 0, < 5.24.5+dfsg1-1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |