Vulnerabilities > Misp > Misp > 2.4.109
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-12 | CVE-2020-8890 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Misp An issue was discovered in MISP before 2.4.121. | 4.3 |
2019-09-10 | CVE-2019-16202 | Improper Privilege Management vulnerability in Misp MISP before 2.4.115 allows privilege escalation in certain situations. | 4.0 |
2019-06-18 | CVE-2019-12868 | Deserialization of Untrusted Data vulnerability in Misp 2.4.109 app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP file_exists function is used with user-controlled entries, and phar:// URLs trigger deserialization. | 7.2 |