How severe is CVE-2023-32079?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2023-32079?

This is classified as CWE-915, which is a common weakness in software security.

CVE-2023-32079

HIGH Year: 2023

CVSS v3 Score

8.8

High

Weakness Type

CWE-915

View all →

Vulnerability Description

Netmaker makes networks with WireGuard. A Mass assignment vulnerability was found in versions prior to 0.17.1 and 0.18.6 that allows a non-admin user to escalate privileges to those of an admin user. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone using version 0.17.1 can pull the latest docker image of the backend and restart the server.

CVE-2021-21368

HIGH

CVSS:8.8(High)

msgpack5 is a msgpack v5 implementation for node.js and the browser. In msgpack5 before versions 3.6.1, 4.5.1, and 5.2.1 there is a "Prototype Poisoning" vulnerability. When msgpack5 decodes a map con...

CWE-9152021

CVE-2024-0404

CRITICAL

CVSS:9.1(Critical)

A mass assignment vulnerability exists in the `/api/invite/:code` endpoint of the mintplex-labs/anything-llm repository, allowing unauthorized creation of high-privileged accounts. By intercepting and...

CWE-9152024

CVE-2025-30358

HIGH

CVSS:8.1(High)

Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and cl...

CWE-9152025

CVE-2022-2625

HIGH

CVSS:8.0(High)

A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an...

CWE-9152022

CVE-2021-21304

CRITICAL

CVSS:9.8(Critical)

Dynamoose is an open-source modeling tool for Amazon's DynamoDB. In Dynamoose from version 2.0.0 and before version 2.7.0 there was a prototype pollution vulnerability in the internal utility method "...

CWE-9152021

CVE-2022-24802

CRITICAL

CVSS:9.8(Critical)

deepmerge-ts is a typescript library providing functionality to deep merging of javascript objects. deepmerge-ts is vulnerable to Prototype Pollution via file deepmerge.ts, function defaultMergeRecord...

CWE-9152022

CVE-2023-32079

Vulnerability Description

Related Vulnerabilities

CVE-2021-21368

CVE-2024-0404

CVE-2025-30358

CVE-2022-2625

CVE-2021-21304

CVE-2022-24802