Skip to main content

Plone Docker Official Image

2 CVEs product

Monthly

CVE-2024-23054 CRITICAL POC Act Now

An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js RCE Docker Plone Docker Official Image
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.7%
CVE-2024-23055 MEDIUM POC This Month

An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Docker Plone Docker Official Image
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
1.2%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js RCE Docker +1
NVD GitHub VulDB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Docker Plone Docker Official Image
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy