发布于3月6日3月6日 Members Debian: CVE-2023-27372: spip -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 02/28/2023 Created 03/03/2023 Added 03/02/2023 Modified 01/28/2025 Description SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. Solution(s) debian-upgrade-spip References https://attackerkb.com/topics/cve-2023-27372 CVE - 2023-27372 DLA-3347-1 DSA-5367
