CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-19010
https://notcve.org/view.php?id=CVE-2019-19010
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. Una inyección eval en el plugin Math de Limnoria (versiones anteriores a 2019.11.09) y Supybot (hasta el 09-05-2018) permite a atacantes remotos no privilegiados revelar información o posiblemente tener otro impacto no especificado por medio de los comandos calc e icalc IRC. • https://github.com/ProgVal/Limnoria/commit/3848ae78de45b35c029cc333963d436b9d2f0a35 https://github.com/ProgVal/Limnoria/wiki/math-eval-vulnerability https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54CQM2TEXRADLE77VOMCPHL5PBHR3ZWJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5P2AGND54UIJV3WHOYO2YINIXSDGAAPO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DRNOUHFEN75QAIKT4Y3HDN3TT5LSIWN2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •