Command Injection
CVE-2020-7698

8.1HIGH

Key Information:

Vendor: Gerapy
Status: Gerapy
Vendor: CVE Published:; 29 July 2020

What is CVE-2020-7698?

This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn’t being sanitized.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Gerapy 0

Gerapy < 0.9.3

References

https://snyk.io/vuln/SNYK-PYTHON-GERAPY-572470

x_refsource_MISC

https://github.com/Gerapy/Gerapy/commit/e8446605eb2424717...

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 29, 2020
Vulnerability Reserved
Jan 21, 2020

Credit

Snyk Security Team

JSON

Gerapy

What is CVE-2020-7698?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.