CVE-2019-9927

Caret before 2019-02-22 allows Remote Code Execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
caretcaret
𝑥
≤ 3.4.6
caretcaret
4.0.0:beta0
caretcaret
4.0.0:beta1
caretcaret
4.0.0:beta2
caretcaret
4.0.0:beta3
caretcaret
4.0.0:beta4
caretcaret
4.0.0:beta5
caretcaret
4.0.0:beta6
caretcaret
4.0.0:beta7
caretcaret
4.0.0:beta8
caretcaret
4.0.0:beta9
caretcaret
4.0.0:rc1
caretcaret
4.0.0:rc10
caretcaret
4.0.0:rc11
caretcaret
4.0.0:rc12
caretcaret
4.0.0:rc13
caretcaret
4.0.0:rc14
caretcaret
4.0.0:rc15
caretcaret
4.0.0:rc16
caretcaret
4.0.0:rc17
caretcaret
4.0.0:rc18
caretcaret
4.0.0:rc19
caretcaret
4.0.0:rc2
caretcaret
4.0.0:rc20
caretcaret
4.0.0:rc21
caretcaret
4.0.0:rc22
caretcaret
4.0.0:rc3
caretcaret
4.0.0:rc4
caretcaret
4.0.0:rc5
caretcaret
4.0.0:rc6
caretcaret
4.0.0:rc7
caretcaret
4.0.0:rc8
caretcaret
4.0.0:rc9
𝑥
= Vulnerable software versions
References
https://github.com/careteditor/issues/issues/862
https://github.com/careteditor/issues/issues/862