Vulnerability Details CVE-2024-28212
nGrinder before 3.5.9 uses old version of SnakeYAML, which could allow remote attacker to execute arbitrary code via unsafe deserialization.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.074
EPSS Ranking 91.2%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-28212
-
cpe:2.3:a:naver:ngrinder:3.0
-
cpe:2.3:a:naver:ngrinder:3.0.1
-
cpe:2.3:a:naver:ngrinder:3.0.2
-
cpe:2.3:a:naver:ngrinder:3.0.3
-
cpe:2.3:a:naver:ngrinder:3.0.4
-
cpe:2.3:a:naver:ngrinder:3.1
-
cpe:2.3:a:naver:ngrinder:3.1.1
-
cpe:2.3:a:naver:ngrinder:3.1.2
-
cpe:2.3:a:naver:ngrinder:3.1.3
-
cpe:2.3:a:naver:ngrinder:3.2
-
cpe:2.3:a:naver:ngrinder:3.2.1
-
cpe:2.3:a:naver:ngrinder:3.2.2
-
cpe:2.3:a:naver:ngrinder:3.2.3
-
cpe:2.3:a:naver:ngrinder:3.3
-
cpe:2.3:a:naver:ngrinder:3.4
-
cpe:2.3:a:naver:ngrinder:3.4.1
-
cpe:2.3:a:naver:ngrinder:3.4.2
-
cpe:2.3:a:naver:ngrinder:3.4.3
-
cpe:2.3:a:naver:ngrinder:3.4.4
-
cpe:2.3:a:naver:ngrinder:3.5.0
-
cpe:2.3:a:naver:ngrinder:3.5.1
-
cpe:2.3:a:naver:ngrinder:3.5.2
-
cpe:2.3:a:naver:ngrinder:3.5.3
-
cpe:2.3:a:naver:ngrinder:3.5.4
-
cpe:2.3:a:naver:ngrinder:3.5.5
-
cpe:2.3:a:naver:ngrinder:3.5.6
-
cpe:2.3:a:naver:ngrinder:3.5.7
-
cpe:2.3:a:naver:ngrinder:3.5.8