daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add CVE-2024-32651

patch-2
edoardottt 2024-04-29 16:41:50 +02:00
parent b5ae4aae4a
commit 2a72d984c9
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
http/cves/2024/CVE-2024-32651.yaml
View File

@ -5,8 +5,7 @@ info:
author: edoardottt
severity: critical
description: |
A Server Side Template Injection in changedetection.io
caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host.
A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2024-32651
- https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3
@ -45,4 +44,4 @@ requests:
- type: dsl
dsl:
- compare_versions(version, '<= 0.45.20')
- compare_versions(version, '<= 0.45.20')