You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description:
1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6.
Cross references:
No existing reports found with this module or alias.
See doc/triage.md for instructions on how to triage this report.
modules:
- module: github.com/1Panel-dev/1Panel
vulnerable_at: 1.3.6
packages:
- package: 1Panel
description: |-
1Panel is an open source Linux server operation and maintenance management
panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious
payload to achieve command injection when adding container repositories. The
vulnerability has been fixed in v1.3.6.
cves:
- CVE-2023-36457
references:
- advisory: https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-q2mx-gpjf-3h8x
- web: https://github.com/1Panel-dev/1Panel/releases/tag/v1.3.6
The text was updated successfully, but these errors were encountered:
CVE-2023-36457 references github.com/1Panel-dev/1Panel, which may be a Go module.
Description:
1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6.
References:
Cross references:
No existing reports found with this module or alias.
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: