Code Injection in GitHub repository nuitka/nuitka prior to 0.9.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.0014
Percentile:
0.3482
CVSS Scoring
CVSS v3.1 Score: 8.4
Severity: HIGH
Mapped CWE(s)
-
CWE-94
: Improper Control of Generation of Code ('Code Injection')
All CAPEC(s)
-
CAPEC-242: Code Injection
-
CAPEC-35: Leverage Executable Code in Non-Executable Files
-
CAPEC-77: Manipulating User-Controlled Variables
CAPEC(s) with Mapped TTPs
-
CAPEC-35: Leverage Executable Code in Non-Executable Files
Mapped TTPs:
Mapped ATT&CK TTPs
-
T1027.006
: HTML Smuggling
Kill Chain: defense-evasion
-
T1027.009
: Embedded Payloads
Kill Chain: defense-evasion
-
T1564.009
: Resource Forking
Kill Chain: defense-evasion
Malware
APTs Threat Group Associations
Campaigns
Affected Products
- cpe:2.3:a:nuitka:nuitka:*:*:*:*:*:*:*:*
← Back to Home