MidnightBSD

Advisories for reg-keygen-git-hash_project

CVE-2021-32673 HIGH

reg-keygen-git-hash-plugin is a reg-suit plugin to detect the snapshot key to be compare with using Git commit hash. reg-keygen-git-hash-plugin through and including 0.10.15 allow remote attackers to execute of arbitrary commands. Upgrade to version 0.10.16 or later to resolve this issue.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security-advisories@github.com 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L 2.8 5.3

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,CWE-78,

Products Affected

Vendor Product Version
reg-keygen-git-hash_project reg-keygen-git-hash *