{"id":"GHSA-57m2-mpc7-gwgx","summary":"LibreNMS Code Injection vulnerability","details":" Code Injection in GitHub repository librenms/librenms prior to 23.9.0.","aliases":["CVE-2023-4977"],"modified":"2024-02-16T08:18:53.664366Z","published":"2023-09-15T03:30:19Z","database_specific":{"cwe_ids":["CWE-94"],"nvd_published_at":"2023-09-15T01:15:08Z","github_reviewed":true,"github_reviewed_at":"2023-09-15T19:29:52Z","severity":"MODERATE"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4977"},{"type":"WEB","url":"https://github.com/librenms/librenms/commit/1194934d31c795a3f6877a96ffaa34b1f475bdd0"},{"type":"PACKAGE","url":"https://github.com/librenms/librenms"},{"type":"WEB","url":"https://huntr.dev/bounties/3db8a1a4-ca2d-45df-be18-a959ebf82fbc"}],"affected":[{"package":{"name":"librenms/librenms","ecosystem":"Packagist","purl":"pkg:composer/librenms/librenms"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"23.9.0"}]}],"versions":["1.19","1.20","1.20.1","1.21","1.22","1.22.01","1.23","1.24","1.25","1.26","1.27","1.28","1.29","1.30","1.30.01","1.31","1.31.01","1.31.02","1.31.03","1.32","1.32.01","1.33","1.33.01","1.34","1.35","1.36","1.36.01","1.37","1.38","1.39","1.40","1.41","1.42","1.42.01","1.43","1.44","1.45","1.46","1.47","1.48","1.48.1","1.49","1.50","1.50.1","1.51","1.52","1.53","1.53.1","1.54","1.55","1.56","1.57","1.58","1.58.1","1.59","1.60","1.61","1.62","1.62.1","1.62.2","1.63","1.64","1.64.1","1.65","1.65.1","1.66","1.67","1.68","1.69","1.70.0","1.70.1","21.1.0","21.10.0","21.10.1","21.10.2","21.11.0","21.12.0","21.12.1","21.2.0","21.3.0","21.4.0","21.5.0","21.5.1","21.6.0","21.7.0","21.8.0","21.9.0","21.9.1","22.1.0","22.10.0","22.11.0","22.12.0","22.2.0","22.2.1","22.2.2","22.3.0","22.4.0","22.4.1","22.5.0","22.6.0","22.7.0","22.8.0","22.9.0","23.1.0","23.1.1","23.2.0","23.4.0","23.4.1","23.5.0","23.6.0","23.7.0","23.8.0","23.8.1","23.8.2"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-57m2-mpc7-gwgx/GHSA-57m2-mpc7-gwgx.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}]}