📦

cache

Vendor: doctrine-project

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 0.25% Exploit Prob.

Latest CVE CVE-2020-36448 Aug 08

Security Vulnerability Index

Page 1 / 1

8.1 CVSS

CVE-2020-36448

RCE

An issue was discovered in the cache crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for Cache<K>.

EPSS: 0.48%

Severity: HIGH

Aug 08, 2021

7.5 CVSS

CVE-2021-25903

An issue was discovered in the cache crate through 2021-01-01 for Rust. A raw pointer is dereferenced.

EPSS: 0.39%

Severity: HIGH

Jan 26, 2021

6.4 CVSS

CVE-2018-17152

Intersystems Cache 2017.2.2.865.0 allows XXE.

EPSS: 0.21%

Severity: MEDIUM

Jul 11, 2019

5.4 CVSS

CVE-2018-17151

Intersystems Cache 2017.2.2.865.0 has Incorrect Access Control.

EPSS: 0.21%

Severity: MEDIUM

Jul 11, 2019

6.1 CVSS

CVE-2018-17150

Intersystems Cache 2017.2.2.865.0 allows XSS.

EPSS: 0.33%

Severity: MEDIUM

Jul 11, 2019

7.8 CVSS

CVE-2015-5723

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.

EPSS: 0.03%

Severity: HIGH

Jun 07, 2016

2.1 CVSS

CVE-2004-2683

Unspecified vulnerability in the %XML.Utils.SchemaServer class in InterSystems Cache' 5.0 allows attackers to access arbitrary files on a server.

EPSS: 0.07%

Severity: LOW

Dec 31, 2004

Displaying 7 of 2 Total Entries

Total 1 Sections