CVE-2023-1000 – A vulnerability was found in cyanomiko dcnnt-py up to 0.9.0. It has been classified as …

27 April 2024

Vuln ID: CVE-2023-1000

Published: 2024-04-27 09:15:08.740

Description: A vulnerability was found in cyanomiko dcnnt-py up to 0.9.0. It has been classified as critical. Affected is the function main of the file dcnnt/plugins/notifications.py of the component Notification Handler. The manipulation leads to command injection. It is possible to launch the attack remotely. Upgrading to version 0.9.1 is able to address this issue. The patch is identified as b4021d784a97e25151a5353aa763a741e9a148f5. It is recommended to upgrade the affected component. VDB-262230 is the identifier assigned to this vulnerability.

Base Score: 6.3 – MEDIUM

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Source: NVD.NIST.GOV

Date:

27 April 2024

Categorie(s):

NVD

Tag(s):

NVD

ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies9 May 2024
How to enforce a security baseline for an AWS WAF ACL across your organization using AWS Firewall Manager9 May 2024
Zscaler swats claims of a significant breach9 May 2024
OpenAI unveils ‘Model Spec’: A framework for shaping responsible AI9 May 2024
Quishing Campaign Exploits Microsoft Open Redirect Vulnerability9 May 2024