📦

registry

Vendor: silverstripe

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 1.48% Exploit Prob.

Latest CVE CVE-2020-29591 Dec 11

Security Vulnerability Index

Page 1 / 1

9.8 CVSS

CVE-2020-29591

Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user. Systems deployed using affected versions of the registry container may allow a remote attacker to achieve root access with a blank password.

EPSS: 2.66%

Severity: CRITICAL

Dec 11, 2020

9.8 CVSS

CVE-2019-12149

SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands.

EPSS: 0.31%

Severity: CRITICAL

Jun 11, 2019

Displaying 2 of 1 Total Entries

Total 1 Sections