super-xray is a vulnerability scanner (xray) GUI launcher. In version 0.1-beta, the URL is not filtered and directly spliced ??into the command, resulting in a possible RCE vulnerability. Users should upgrade to super-xray 0.2-beta.
References
Link | Resource |
---|---|
https://github.com/4ra1n/super-xray/releases/tag/0.2-beta | Release Notes Third Party Advisory |
https://github.com/4ra1n/super-xray/security/advisories/GHSA-732j-763p-cvqg | Exploit Third Party Advisory |
Configurations
History
27 Jun 2023, 14:01
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
25 Jan 2023, 02:01
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-94 |
28 Nov 2022, 13:54
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-77 | |
References | (MISC) https://github.com/4ra1n/super-xray/releases/tag/0.2-beta - Release Notes, Third Party Advisory | |
References | (CONFIRM) https://github.com/4ra1n/super-xray/security/advisories/GHSA-732j-763p-cvqg - Exploit, Third Party Advisory | |
CPE | cpe:2.3:a:super-xray_project:super-xray:0.1:beta:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
First Time |
Super-xray Project super-xray
Super-xray Project |
22 Nov 2022, 13:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-21 23:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-41945
Mitre link : CVE-2022-41945
CVE.ORG link : CVE-2022-41945
JSON object : View
Products Affected
super-xray_project
- super-xray
CWE