A specially-crafted HTTP request can lead to arbitrary...
Critical severity
Unreviewed
Published
Dec 23, 2021
to the GitHub Advisory Database
•
Updated Feb 3, 2023
Description
Published by the National Vulnerability Database
Dec 22, 2021
Published to the GitHub Advisory Database
Dec 23, 2021
Last updated
Feb 3, 2023
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability.
References