AVG-1921 log
| Package | metasploit |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 6.0.37-1 |
| Fixed | 6.0.48-1 |
| Current | 6.4.5-1 [extra] |
| Ticket | None |
| Created | Wed May 5 17:10:17 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-22904 | Low | Yes | Denial of service | There is a possible denial of service (DoS) vulnerability in the Token Authentication logic in Action Controller before versions 6.1.3.2, 6.0.3.7, 5.2.4.6... |
| CVE-2021-22885 | Medium | Yes | Information disclosure | There is a possible information disclosure/unintended method execution vulnerability in Action Pack before versions 6.1.3.2, 6.0.3.7, 5.2.4.6 and 5.2.6 when... |
| Notes |
|---|
Action Pack version 5.2.4.5 is bundled with Metasploit version 6.0.37, Action Pack version 5.2.6 is bundled with Metasploit version 6.0.48. |