CVE-2020-36627
Open redirect vulnerability in github.com/go-macaron/i18n
6.1
MEDIUM
CVSS 3.1
EPSS 0.31%
描述
A vulnerability was found in Macaron i18n. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file i18n.go. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 0.5.0 is able to address this issue. The name of the patch is 329b0c4844cc16a5a253c011b55180598e707735. It is recommended to upgrade the affected component. The identifier VDB-216745 was assigned to this vulnerability.
如何修補 CVE-2020-36627
要修補 CVE-2020-36627,請將受影響套件升級到下列已修補版本。
- —未列出修補版本
- —升級至 0.5.0 或更新版本
- —升級至 0.5.0 或更新版本
CVE-2020-36627 正在被利用嗎?
低 — EPSS 為 0.3%,目前沒有觀察到大規模利用活動。
受影響套件(3)
- from 0
- from 0, < 0.5.0
- from 0, < 0.5.0
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |