MidnightBSD

Advisories for calipso_project

CVE-2021-23391 LOW

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
report@snyk.io 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 2.5 4.7
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 1.8 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-22,

Products Affected

Vendor Product Version
calipso_project calipso *