CVE-2022-2636
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-2636
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2636.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-2636
- Published
- 2022-08-05T09:30:16Z
- Modified
- 2025-11-28T02:35:17.393050Z
- Severity
-
- 8.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- Code Injection in hestiacp/hestiacp
- Details
-
Improper Control of Generation of Code ('Code Injection') in GitHub repository hestiacp/hestiacp prior to 1.6.6.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/2xxx/CVE-2022-2636.json", "cna_assigner": "@huntrdev", "cwe_ids": [ "CWE-94" ] }- References
Affected packages
Git / github.com/hestiacp/hestiacp
Affected ranges
- Type
- GIT
- Repo
- https://github.com/hestiacp/hestiacp
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.9.8-28
1.*
1.0.1
1.00.0-190618
1.2.0
1.3.0
1.3.1
1.3.2
1.4.0
1.4.1
1.4.10
1.4.11
1.4.12
1.4.13
1.4.14
1.4.15
1.4.16
1.4.17
1.4.2
1.4.3
1.4.4
1.4.5
1.4.6
1.4.7
1.4.8
1.4.9
1.5.0
1.5.1
1.5.10
1.5.11
1.5.12
1.5.13
1.5.14
1.5.15
1.5.2
1.5.3
1.5.4
1.5.5
1.5.6
1.5.7
1.5.8
1.5.9
1.6.0
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5