Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Camunda Modeler (aka camunda-modeler) through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile APIs. NOTE: the vendor states "The way we secured the app is that it does not allow any remote scripts to be opened, no unsafe scripts to be evaluated, no remote sites to be browsed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nico Rehwaldt camunda-modeler 安全漏洞
Vulnerability Description
Nico Rehwaldt camunda-modeler是 (Nico Rehwaldt)开源的一个应用软件。提供基于bpmn.io的BPMN与DMN集成建模解决方案。 Camunda Modeler through 4.6.0存在安全漏洞,该漏洞洞允许任意文件访问。
CVSS Information
N/A
Vulnerability Type
N/A