added metadata & additional matcher

http/cves/2024/CVE-2024-21644.yaml

@@ -1,9 +1,9 @@
 id: CVE-2024-21644
 
 info:
-  name: pyload secretkey leak
+  name: pyload Flask Config - Access Control
   author: West-wise
-  severity: critical
+  severity: high
   description: |
     pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
   remediation: |
@@ -11,20 +11,23 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2024-21644
     - https://github.com/advisories/GHSA-mqpq-2p68-46fv
+    - https://github.com/fkie-cad/nvd-json-data-feeds
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2024-21644
     cwe-id: CWE-284
-    epss-score: 0.001860000
+    epss-score: 0.00186
-    epss-percentile: 0.560180000
+    epss-percentile: 0.56007
     cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     vendor: pyload
     product: pyload
-  tags: cve,cve2024,python,pip
+    shodan-query: html:"pyload"
+    zoomeye-query: app:"pyLoad"
+  tags: cve,cve2024,python,pip,pyload
 
 http:
   - method: GET
@@ -36,7 +39,9 @@ http:
       - type: word
         part: body
         words:
-          - "SECRET_KEY"
+          - "'SECRET_KEY':"
+          - "'SESSION_COOKIE_SECURE':"
+        condition: and
 
       - type: status
         status: