OTCLient is an alternative tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "`Analysis - SonarCloud`" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and alter the repository using this workflow. Commit db560de0b56476c87a2f967466407939196dd254 contains a fix for this issue.
History

Thu, 14 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-01-02T20:29:14.163Z

Updated: 2024-11-14T19:11:03.581Z

Reserved: 2023-12-29T03:00:44.953Z

Link: CVE-2024-21623

cve-icon Vulnrichment

Updated: 2024-08-01T22:27:35.824Z

cve-icon NVD

Status : Analyzed

Published: 2024-01-02T21:15:10.250

Modified: 2024-01-08T19:29:32.277

Link: CVE-2024-21623

cve-icon Redhat

No data.