Vulnerability Description
A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. Upgrading to version 0.12.12 is able to address this issue. The patch is named 9e03f68e46e85ca9c9694a6971859b3ee66f0240. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-220211.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eve Ship Replacement Program Project | Eve Ship Replacement Program | 0.12.11 |
Related Weaknesses (CWE)
References
- https://github.com/paxswill/evesrp/commit/9e03f68e46e85ca9c9694a6971859b3ee66f02Patch
- https://github.com/paxswill/evesrp/releases/tag/v0.12.12Release Notes
- https://vuldb.com/?ctiid.220211Permissions RequiredThird Party Advisory
- https://vuldb.com/?id.220211Third Party Advisory
- https://github.com/paxswill/evesrp/commit/9e03f68e46e85ca9c9694a6971859b3ee66f02Patch
- https://github.com/paxswill/evesrp/releases/tag/v0.12.12Release Notes
- https://vuldb.com/?ctiid.220211Permissions RequiredThird Party Advisory
- https://vuldb.com/?id.220211Third Party Advisory
FAQ
What is CVE-2020-36660?
CVE-2020-36660 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the comp...
How severe is CVE-2020-36660?
CVE-2020-36660 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-36660?
Check the references section above for vendor advisories and patch information. Affected products include: Eve Ship Replacement Program Project Eve Ship Replacement Program.