CVE-2021-41745

Description

A file upload vulnerability exists in Showdoc 2.8.3, which can be exploited by an attacker to gain server privileges.

How to fix CVE-2021-41745

To remediate CVE-2021-41745, upgrade the affected package to a fixed version below.

• Packagist/showdoc/showdoc—upgrade to 2.8.5 or later

Is CVE-2021-41745 being exploited?

Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 2.8.5

CVSS scores

References (5)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2021-41745
• PATCHgithub.com/star7th/showdoc
• WEBgithub.com/purple-WL/SHOWDOC-file-upload-vulnerability
• WEBgithub.com/star7th/showdoc/commit/aec3df841958059c1db9ab1af25acc2af81e4e0e
• WEB