CVE-2021-39131 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
GitHub_M	CNA	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 63%

Affected Products (NVD)

Vendor	Product	Version
ced_project	ced	0.1.0

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-241 - Improper Handling of Unexpected Data Type
The software does not handle or incorrectly handles when a particular element is not the expected type, e.g. it expects a digit (0-9) but is provided with a letter (A-Z).
CWE-755 - Improper Handling of Exceptional Conditions
The software does not handle or incorrectly handles an exceptional condition.

References

https://github.com/sonicdoe/ced/commit/a4d9f10b6bf1cd468d1a5b9a283cdf437f8bb7b3

https://github.com/sonicdoe/ced/releases/tag/v1.0.0

https://github.com/sonicdoe/ced/security/advisories/GHSA-27wq-qx3q-fxm9

https://github.com/sonicdoe/ced/commit/a4d9f10b6bf1cd468d1a5b9a283cdf437f8bb7b3

https://github.com/sonicdoe/ced/releases/tag/v1.0.0

https://github.com/sonicdoe/ced/security/advisories/GHSA-27wq-qx3q-fxm9