Gipsy Project

gipsy_project

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Gipsy

gipsy

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-30621 1Gipsy Project 1Gipsy Jun 17, 2026 Apr 21, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Gipsy is a multi-purpose discord bot which aim to be as modular and user-friendly as possible. In versions prior to 1.3 users can run command on the host machine with sudoer permission. The `!ping` command when provided...Show more Gipsy is a multi-purpose discord bot which aim to be as modular and user-friendly as possible. In versions prior to 1.3 users can run command on the host machine with sudoer permission. The `!ping` command when provided with an IP or hostname used to run a bash `ping <IP>` without verification that the IP or hostname was legitimate. This command was executed with root permissions and may lead to arbitrary command injection on the host server. Users are advised to upgrade. There are no known workarounds for this vulnerability.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-30621

1Gipsy Project

1Gipsy

Jun 17, 2026

Apr 21, 2023

N/A· v4

9.8 CRITICAL· v3

N/A· v2

Gipsy is a multi-purpose discord bot which aim to be as modular and user-friendly as possible. In versions prior to 1.3 users can run command on the host machine with sudoer permission. The `!ping` command when provided with an IP or hostname used to run a bash `ping <IP>` without verification that the IP or hostname was legitimate. This command was executed with root permissions and may lead to arbitrary command injection on the host server. Users are advised to upgrade. There are no known workarounds for this vulnerability.Show less