CVE-2021-23391

High

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through…

snyk·CWE-22·Published 2021-06-07

CVSS

7.1

EPSS

0.00

KEV

Exploits

cve.orgen

172 chars

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.

NVDen

172 chars

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.

GHSAen

172 chars

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.

NVDes

190 chars

Esto afecta a todas las versiones del paquete calipso. Es posible para un módulo malicioso sobrescribir archivos en un sistema de archivos arbitrario mediante la funcionalidad module install

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	3.6	3.9	4.9	AV:L/AC:L/Au:N/C:N/I:P/A:P
3.1	Primary	cve.org	7.3	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:F/RL:U/RC:C
3.1	Primary	cve.org	7.3	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:F/RL:U/RC:C
3.1	Primary	NVD	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
3.1	Secondary	NVD	7.3	2.5	4.7	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
3.1	Secondary	GHSA	7.3	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L