Go modules package
github.com/chaosblade-io/chaosblade
pkg:golang/github.com/chaosblade-io/chaosblade
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-47105 | Hig | 8.6 | >= 0.0.3, < 1.7.4 | 1.7.4 | Sep 18, 2024 | exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication. |
- affected >= 0.0.3, < 1.7.4fixed 1.7.4
exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication.