Skip to main content

Bonobo Git Server

2 CVEs product

Monthly

CVE-2019-11218 HIGH This Week

Improper handling of extra parameters in the AccountController (User Profile edit) in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows authenticated users to gain application administrator. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Bonobo Git Server
NVD
CVSS 3.0
8.8
EPSS
1.2%
CVE-2019-11217 CRITICAL PATCH Act Now

The GitController in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows execution of arbitrary commands in the context of the web server via a crafted http request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Bonobo Git Server
NVD
CVSS 3.0
9.8
EPSS
3.8%
EPSS 1% CVSS 8.8
HIGH This Week

Improper handling of extra parameters in the AccountController (User Profile edit) in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows authenticated users to gain application administrator. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Bonobo Git Server
NVD
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

The GitController in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows execution of arbitrary commands in the context of the web server via a crafted http request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Bonobo Git Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy