ALT-PU-2015-2892-1

Обновление пакета sed в ветке sisyphus

Версия4.2.2.0.93.31c8-alt1
Задание#150941
Опубликовано2015-10-09
Макс. серьёзностьHIGH
Серьёзность:

Закрытые проблемы (3)

CVE-2026-9153
MEDIUM6.5

Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation.

Опубликовано: 2026-06-24Изменено: 2026-06-27
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2026-9154
MEDIUM6.5

Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter.

Опубликовано: 2026-06-24Изменено: 2026-06-27
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2026-9155
HIGH8.8

OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the expression parameter due to insufficient input validation.

Опубликовано: 2026-06-24Изменено: 2026-06-27
CVSS 3.xВЫСОКАЯ 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H