Search criteria
11 vulnerabilities found for nuclei by projectdiscovery
FKIE_CVE-2024-43405
Vulnerability from fkie_nvd - Published: 2024-09-04 16:15 - Updated: 2024-10-01 15:37
Severity ?
7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code template. The vulnerability is present in the template signature verification process, specifically in the `signer` package. The vulnerability stems from a discrepancy between how the signature verification process and the YAML parser handle newline characters, combined with the way multiple signatures are processed. This allows an attacker to inject malicious content into a template while maintaining a valid signature for the benign part of the template. CLI users are affected if they execute custom code templates from unverified sources. This includes templates authored by third parties or obtained from unverified repositories. SDK Users are affected if they are developers integrating Nuclei into their platforms, particularly if they permit the execution of custom code templates by end-users. The vulnerability is addressed in Nuclei v3.3.2. Users are strongly recommended to update to this version to mitigate the security risk. As an interim measure, users should refrain from using custom templates if unable to upgrade immediately. Only trusted, verified templates should be executed. Those who are unable to upgrade Nuclei should disable running custom code templates as a workaround.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| projectdiscovery | nuclei | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:projectdiscovery:nuclei:*:*:*:*:*:go:*:*",
"matchCriteriaId": "82094046-7D35-4A48-8D10-AA7C249AE8B2",
"versionEndExcluding": "3.3.2",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei\u0027s template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code template. The vulnerability is present in the template signature verification process, specifically in the `signer` package. The vulnerability stems from a discrepancy between how the signature verification process and the YAML parser handle newline characters, combined with the way multiple signatures are processed. This allows an attacker to inject malicious content into a template while maintaining a valid signature for the benign part of the template. CLI users are affected if they execute custom code templates from unverified sources. This includes templates authored by third parties or obtained from unverified repositories. SDK Users are affected if they are developers integrating Nuclei into their platforms, particularly if they permit the execution of custom code templates by end-users. The vulnerability is addressed in Nuclei v3.3.2. Users are strongly recommended to update to this version to mitigate the security risk. As an interim measure, users should refrain from using custom templates if unable to upgrade immediately. Only trusted, verified templates should be executed. Those who are unable to upgrade Nuclei should disable running custom code templates as a workaround."
},
{
"lang": "es",
"value": "Nuclei es un esc\u00e1ner de vulnerabilidades que funciona con plantillas basadas en YAML. A partir de la versi\u00f3n 3.0.0 y antes de la versi\u00f3n 3.3.2, una vulnerabilidad en el sistema de verificaci\u00f3n de firmas de plantillas de Nuclei podr\u00eda permitir a un atacante eludir la verificaci\u00f3n de firmas y posiblemente ejecutar c\u00f3digo malicioso a trav\u00e9s de una plantilla de c\u00f3digo personalizada. La vulnerabilidad est\u00e1 presente en el proceso de verificaci\u00f3n de firmas de plantillas, espec\u00edficamente en el paquete `signer`. La vulnerabilidad se origina en una discrepancia entre c\u00f3mo el proceso de verificaci\u00f3n de firmas y el analizador YAML manejan los caracteres de nueva l\u00ednea, combinado con la forma en que se procesan m\u00faltiples firmas. Esto permite a un atacante inyectar contenido malicioso en una plantilla mientras mantiene una firma v\u00e1lida para la parte benigna de la plantilla. Los usuarios de CLI se ven afectados si ejecutan plantillas de c\u00f3digo personalizadas de fuentes no verificadas. Esto incluye plantillas creadas por terceros u obtenidas de repositorios no verificados. Los usuarios de SDK se ven afectados si son desarrolladores que integran Nuclei en sus plataformas, en particular si permiten la ejecuci\u00f3n de plantillas de c\u00f3digo personalizadas por parte de los usuarios finales. La vulnerabilidad se soluciona en Nuclei v3.3.2. Se recomienda encarecidamente a los usuarios que actualicen a esta versi\u00f3n para mitigar el riesgo de seguridad. Como medida provisoria, los usuarios deben abstenerse de utilizar plantillas personalizadas si no pueden actualizar de inmediato. Solo se deben ejecutar plantillas verificadas y confiables. Aquellos que no puedan actualizar Nuclei deben deshabilitar la ejecuci\u00f3n de plantillas de c\u00f3digo personalizadas como workaround."
}
],
"id": "CVE-2024-43405",
"lastModified": "2024-10-01T15:37:37.337",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.8,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-04T16:15:06.853",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/projectdiscovery/nuclei/commit/0da993afe6d41b4b1b814e8fad23a2acba13c60a"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-7h5p-mmpp-hgmm"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-27920
Vulnerability from fkie_nvd - Published: 2024-03-15 20:15 - Updated: 2025-12-05 17:24
Severity ?
Summary
projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user's system. This advisory outlines the impacted users, provides details on the security patch, and suggests mitigation strategies. The vulnerability is addressed in Nuclei v3.2.0. Users are strongly recommended to update to this version to mitigate the security risk. Users should refrain from using custom workflows if unable to upgrade immediately. Only trusted, verified workflows should be executed.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| projectdiscovery | nuclei | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:projectdiscovery:nuclei:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B74D430C-1727-43DD-B55A-39AE5F32B72E",
"versionEndExcluding": "3.2.0",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user\u0027s system. This advisory outlines the impacted users, provides details on the security patch, and suggests mitigation strategies. The vulnerability is addressed in Nuclei v3.2.0. Users are strongly recommended to update to this version to mitigate the security risk. Users should refrain from using custom workflows if unable to upgrade immediately. Only trusted, verified workflows should be executed."
},
{
"lang": "es",
"value": "projectdiscovery/nuclei es un esc\u00e1ner de vulnerabilidades r\u00e1pido y personalizable basado en DSL simple basado en YAML. Se identific\u00f3 un importante descuido de seguridad en Nuclei v3, que implica la ejecuci\u00f3n de plantillas de c\u00f3digo sin firmar a trav\u00e9s de flujos de trabajo. Esta vulnerabilidad afecta espec\u00edficamente a los usuarios que utilizan flujos de trabajo personalizados, lo que potencialmente permite la ejecuci\u00f3n de c\u00f3digo malicioso en el sistema del usuario. Este aviso describe a los usuarios afectados, proporciona detalles sobre el parche de seguridad y sugiere estrategias de mitigaci\u00f3n. La vulnerabilidad se aborda en Nuclei v3.2.0. Se recomienda encarecidamente a los usuarios que actualicen a esta versi\u00f3n para mitigar el riesgo de seguridad. Los usuarios deben abstenerse de utilizar flujos de trabajo personalizados si no pueden actualizar inmediatamente. S\u00f3lo se deben ejecutar flujos de trabajo confiables y verificados."
}
],
"id": "CVE-2024-27920",
"lastModified": "2025-12-05T17:24:36.960",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.8,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-03-15T20:15:09.360",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
],
"url": "https://docs.projectdiscovery.io/templates/protocols/code"
},
{
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
],
"url": "https://docs.projectdiscovery.io/templates/reference/template-signing"
},
{
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
],
"url": "https://docs.projectdiscovery.io/templates/workflows/overview"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/4822"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
],
"url": "https://docs.projectdiscovery.io/templates/protocols/code"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
],
"url": "https://docs.projectdiscovery.io/templates/reference/template-signing"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
],
"url": "https://docs.projectdiscovery.io/templates/workflows/overview"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/4822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-37896
Vulnerability from fkie_nvd - Published: 2023-08-04 16:15 - Updated: 2024-11-21 08:12
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. The issue occurred due to relative paths not being converted to absolute paths before doing the check for `sandbox` flag allowing arbitrary files to be read on the filesystem in certain cases when using Nuclei from `Go` SDK implementation.
This issue has been fixed in version 2.9.9. The maintainers have also enabled sandbox by default for filesystem loading. This can be optionally disabled if required. The `-sandbox` option has been deprecated and is now divided into two new options: `-lfa` (allow local file access) which is enabled by default and `-lna` (restrict local network access) which can be enabled by users optionally. The `-lfa` allows file (payload) access anywhere on the system (disabling sandbox effectively), and `-lna` blocks connections to the local/private network.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| projectdiscovery | nuclei | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:projectdiscovery:nuclei:*:*:*:*:*:go:*:*",
"matchCriteriaId": "645B1A56-6CB4-40CC-B443-38CB78CA657B",
"versionEndExcluding": "2.9.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. The issue occurred due to relative paths not being converted to absolute paths before doing the check for `sandbox` flag allowing arbitrary files to be read on the filesystem in certain cases when using Nuclei from `Go` SDK implementation. \n\nThis issue has been fixed in version 2.9.9. The maintainers have also enabled sandbox by default for filesystem loading. This can be optionally disabled if required. The `-sandbox` option has been deprecated and is now divided into two new options: `-lfa` (allow local file access) which is enabled by default and `-lna` (restrict local network access) which can be enabled by users optionally. The `-lfa` allows file (payload) access anywhere on the system (disabling sandbox effectively), and `-lna` blocks connections to the local/private network."
},
{
"lang": "es",
"value": "\"Nuclei es un esc\u00e1ner de vulnerabilidades. Antes de la versi\u00f3n 2.9.9, un problema de seguridad en el proyecto Nuclei afectaba a los usuarios que utilizaban Nuclei como c\u00f3digo Go (SDK) ejecutando plantillas personalizadas. Este problema no afectaba a los usuarios de CLI. El problema estaba relacionado con problemas de sanitizaci\u00f3n con la carga de payload en modo sandbox. Exist\u00eda un riesgo potencial con la carga de payloads en modo sandbox. El problema se deb\u00eda a que las rutas relativas no se convert\u00edan en rutas absolutas antes de realizar la comprobaci\u00f3n del indicador `sandbox`, lo que permit\u00eda la lectura de archivos arbitrarios en el sistema de archivos en determinados casos cuando se utilizaba la implementaci\u00f3n del SDK Nuclei from `Go`. \n\nEste problema se ha solucionado en la versi\u00f3n 2.9.9. Los mantenedores tambi\u00e9n han habilitado sandbox por defecto para la carga del sistema de archivos. Esto se puede desactivar opcionalmente si es necesario. La opci\u00f3n `-sandbox` ha quedado obsoleta y ahora se divide en dos nuevas opciones: `-lfa` (permitir el acceso local a ficheros) que est\u00e1 activada por defecto y `-lna` (restringir el acceso local a la red) que puede ser activada por los usuarios opcionalmente. El `-lfa` permite el acceso a archivos (payload) en cualquier parte del sistema (deshabilitando efectivamente el sandbox), y `-lna` bloquea las conexiones a la red local/privada.\""
}
],
"id": "CVE-2023-37896",
"lastModified": "2024-11-21T08:12:25.037",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-04T16:15:09.847",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/3927"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/3927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
CVE-2024-43405 (GCVE-0-2024-43405)
Vulnerability from cvelistv5 – Published: 2024-09-04 15:36 – Updated: 2024-09-04 16:21
VLAI?
Title
Nuclei Template Signature Verification Bypass
Summary
Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code template. The vulnerability is present in the template signature verification process, specifically in the `signer` package. The vulnerability stems from a discrepancy between how the signature verification process and the YAML parser handle newline characters, combined with the way multiple signatures are processed. This allows an attacker to inject malicious content into a template while maintaining a valid signature for the benign part of the template. CLI users are affected if they execute custom code templates from unverified sources. This includes templates authored by third parties or obtained from unverified repositories. SDK Users are affected if they are developers integrating Nuclei into their platforms, particularly if they permit the execution of custom code templates by end-users. The vulnerability is addressed in Nuclei v3.3.2. Users are strongly recommended to update to this version to mitigate the security risk. As an interim measure, users should refrain from using custom templates if unable to upgrade immediately. Only trusted, verified templates should be executed. Those who are unable to upgrade Nuclei should disable running custom code templates as a workaround.
Severity ?
7.4 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| projectdiscovery | nuclei |
Affected:
>= 3.0.0, < 3.3.2
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:projectdiscovery:nuclei:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"lessThan": "3.3.2",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43405",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T16:21:03.366044Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T16:21:54.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.3.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei\u0027s template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code template. The vulnerability is present in the template signature verification process, specifically in the `signer` package. The vulnerability stems from a discrepancy between how the signature verification process and the YAML parser handle newline characters, combined with the way multiple signatures are processed. This allows an attacker to inject malicious content into a template while maintaining a valid signature for the benign part of the template. CLI users are affected if they execute custom code templates from unverified sources. This includes templates authored by third parties or obtained from unverified repositories. SDK Users are affected if they are developers integrating Nuclei into their platforms, particularly if they permit the execution of custom code templates by end-users. The vulnerability is addressed in Nuclei v3.3.2. Users are strongly recommended to update to this version to mitigate the security risk. As an interim measure, users should refrain from using custom templates if unable to upgrade immediately. Only trusted, verified templates should be executed. Those who are unable to upgrade Nuclei should disable running custom code templates as a workaround."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T15:36:23.277Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-7h5p-mmpp-hgmm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-7h5p-mmpp-hgmm"
},
{
"name": "https://github.com/projectdiscovery/nuclei/commit/0da993afe6d41b4b1b814e8fad23a2acba13c60a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/projectdiscovery/nuclei/commit/0da993afe6d41b4b1b814e8fad23a2acba13c60a"
}
],
"source": {
"advisory": "GHSA-7h5p-mmpp-hgmm",
"discovery": "UNKNOWN"
},
"title": "Nuclei Template Signature Verification Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-43405",
"datePublished": "2024-09-04T15:36:23.277Z",
"dateReserved": "2024-08-12T18:02:04.966Z",
"dateUpdated": "2024-09-04T16:21:54.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40641 (GCVE-0-2024-40641)
Vulnerability from cvelistv5 – Published: 2024-07-17 17:34 – Updated: 2024-08-13 20:55
VLAI?
Title
Unsigned code template execution through workflows in projectdiscovery/nuclei
Summary
Nuclei is a fast and customizable vulnerability scanner based on simple YAML based DSL. In affected versions it a way to execute code template without -code option and signature has been discovered. Some web applications inherit from Nuclei and allow users to edit and execute workflow files. In this case, users can execute arbitrary commands. (Although, as far as I know, most web applications use -t to execute). This issue has been addressed in version 3.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity ?
7.4 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| projectdiscovery | nuclei |
Affected:
>= 3.0.0, < 3.3.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:projectdiscovery:nuclei:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"lessThan": "3.3.0",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40641",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-30T17:18:43.495871Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T20:55:48.064Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:33:11.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-c3q9-c27p-cw9h",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-c3q9-c27p-cw9h"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nuclei is a fast and customizable vulnerability scanner based on simple YAML based DSL. In affected versions it a way to execute code template without -code option and signature has been discovered. Some web applications inherit from Nuclei and allow users to edit and execute workflow files. In this case, users can execute arbitrary commands. (Although, as far as I know, most web applications use -t to execute). This issue has been addressed in version 3.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T17:34:10.792Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-c3q9-c27p-cw9h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-c3q9-c27p-cw9h"
}
],
"source": {
"advisory": "GHSA-c3q9-c27p-cw9h",
"discovery": "UNKNOWN"
},
"title": "Unsigned code template execution through workflows in projectdiscovery/nuclei"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-40641",
"datePublished": "2024-07-17T17:34:10.792Z",
"dateReserved": "2024-07-08T16:13:15.512Z",
"dateUpdated": "2024-08-13T20:55:48.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27920 (GCVE-0-2024-27920)
Vulnerability from cvelistv5 – Published: 2024-03-15 19:25 – Updated: 2024-08-02 00:41
VLAI?
Title
Unsigned code template execution through workflows in projectdiscovery/nuclei
Summary
projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user's system. This advisory outlines the impacted users, provides details on the security patch, and suggests mitigation strategies. The vulnerability is addressed in Nuclei v3.2.0. Users are strongly recommended to update to this version to mitigate the security risk. Users should refrain from using custom workflows if unable to upgrade immediately. Only trusted, verified workflows should be executed.
Severity ?
7.4 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| projectdiscovery | nuclei |
Affected:
>= 3.0.0, < 3.2.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27920",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-18T20:25:37.853990Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:39.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q"
},
{
"name": "https://github.com/projectdiscovery/nuclei/pull/4822",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/4822"
},
{
"name": "https://docs.projectdiscovery.io/templates/protocols/code",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.projectdiscovery.io/templates/protocols/code"
},
{
"name": "https://docs.projectdiscovery.io/templates/reference/template-signing",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.projectdiscovery.io/templates/reference/template-signing"
},
{
"name": "https://docs.projectdiscovery.io/templates/workflows/overview",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.projectdiscovery.io/templates/workflows/overview"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user\u0027s system. This advisory outlines the impacted users, provides details on the security patch, and suggests mitigation strategies. The vulnerability is addressed in Nuclei v3.2.0. Users are strongly recommended to update to this version to mitigate the security risk. Users should refrain from using custom workflows if unable to upgrade immediately. Only trusted, verified workflows should be executed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-15T19:25:00.748Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q"
},
{
"name": "https://github.com/projectdiscovery/nuclei/pull/4822",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/4822"
},
{
"name": "https://docs.projectdiscovery.io/templates/protocols/code",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.projectdiscovery.io/templates/protocols/code"
},
{
"name": "https://docs.projectdiscovery.io/templates/reference/template-signing",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.projectdiscovery.io/templates/reference/template-signing"
},
{
"name": "https://docs.projectdiscovery.io/templates/workflows/overview",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.projectdiscovery.io/templates/workflows/overview"
}
],
"source": {
"advisory": "GHSA-w5wx-6g2r-r78q",
"discovery": "UNKNOWN"
},
"title": "Unsigned code template execution through workflows in projectdiscovery/nuclei"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-27920",
"datePublished": "2024-03-15T19:25:00.748Z",
"dateReserved": "2024-02-28T15:14:14.214Z",
"dateUpdated": "2024-08-02T00:41:55.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37896 (GCVE-0-2023-37896)
Vulnerability from cvelistv5 – Published: 2023-08-04 15:34 – Updated: 2024-10-08 18:13
VLAI?
Title
Nuclei Path Traversal vulnerability
Summary
Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. The issue occurred due to relative paths not being converted to absolute paths before doing the check for `sandbox` flag allowing arbitrary files to be read on the filesystem in certain cases when using Nuclei from `Go` SDK implementation.
This issue has been fixed in version 2.9.9. The maintainers have also enabled sandbox by default for filesystem loading. This can be optionally disabled if required. The `-sandbox` option has been deprecated and is now divided into two new options: `-lfa` (allow local file access) which is enabled by default and `-lna` (restrict local network access) which can be enabled by users optionally. The `-lfa` allows file (payload) access anywhere on the system (disabling sandbox effectively), and `-lna` blocks connections to the local/private network.
Severity ?
7.5 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| projectdiscovery | nuclei |
Affected:
< 2.9.9
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff"
},
{
"name": "https://github.com/projectdiscovery/nuclei/pull/3927",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/3927"
},
{
"name": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:projectdiscovery:nuclei:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"lessThan": "2.9.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37896",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:12:59.150485Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:13:54.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"status": "affected",
"version": "\u003c 2.9.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. The issue occurred due to relative paths not being converted to absolute paths before doing the check for `sandbox` flag allowing arbitrary files to be read on the filesystem in certain cases when using Nuclei from `Go` SDK implementation. \n\nThis issue has been fixed in version 2.9.9. The maintainers have also enabled sandbox by default for filesystem loading. This can be optionally disabled if required. The `-sandbox` option has been deprecated and is now divided into two new options: `-lfa` (allow local file access) which is enabled by default and `-lna` (restrict local network access) which can be enabled by users optionally. The `-lfa` allows file (payload) access anywhere on the system (disabling sandbox effectively), and `-lna` blocks connections to the local/private network."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-04T15:34:11.804Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff"
},
{
"name": "https://github.com/projectdiscovery/nuclei/pull/3927",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/3927"
},
{
"name": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9"
}
],
"source": {
"advisory": "GHSA-2xx4-jj5v-6mff",
"discovery": "UNKNOWN"
},
"title": "Nuclei Path Traversal vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-37896",
"datePublished": "2023-08-04T15:34:11.804Z",
"dateReserved": "2023-07-10T17:51:29.609Z",
"dateUpdated": "2024-10-08T18:13:54.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43405 (GCVE-0-2024-43405)
Vulnerability from nvd – Published: 2024-09-04 15:36 – Updated: 2024-09-04 16:21
VLAI?
Title
Nuclei Template Signature Verification Bypass
Summary
Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code template. The vulnerability is present in the template signature verification process, specifically in the `signer` package. The vulnerability stems from a discrepancy between how the signature verification process and the YAML parser handle newline characters, combined with the way multiple signatures are processed. This allows an attacker to inject malicious content into a template while maintaining a valid signature for the benign part of the template. CLI users are affected if they execute custom code templates from unverified sources. This includes templates authored by third parties or obtained from unverified repositories. SDK Users are affected if they are developers integrating Nuclei into their platforms, particularly if they permit the execution of custom code templates by end-users. The vulnerability is addressed in Nuclei v3.3.2. Users are strongly recommended to update to this version to mitigate the security risk. As an interim measure, users should refrain from using custom templates if unable to upgrade immediately. Only trusted, verified templates should be executed. Those who are unable to upgrade Nuclei should disable running custom code templates as a workaround.
Severity ?
7.4 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| projectdiscovery | nuclei |
Affected:
>= 3.0.0, < 3.3.2
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:projectdiscovery:nuclei:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"lessThan": "3.3.2",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43405",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T16:21:03.366044Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T16:21:54.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.3.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei\u0027s template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code template. The vulnerability is present in the template signature verification process, specifically in the `signer` package. The vulnerability stems from a discrepancy between how the signature verification process and the YAML parser handle newline characters, combined with the way multiple signatures are processed. This allows an attacker to inject malicious content into a template while maintaining a valid signature for the benign part of the template. CLI users are affected if they execute custom code templates from unverified sources. This includes templates authored by third parties or obtained from unverified repositories. SDK Users are affected if they are developers integrating Nuclei into their platforms, particularly if they permit the execution of custom code templates by end-users. The vulnerability is addressed in Nuclei v3.3.2. Users are strongly recommended to update to this version to mitigate the security risk. As an interim measure, users should refrain from using custom templates if unable to upgrade immediately. Only trusted, verified templates should be executed. Those who are unable to upgrade Nuclei should disable running custom code templates as a workaround."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T15:36:23.277Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-7h5p-mmpp-hgmm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-7h5p-mmpp-hgmm"
},
{
"name": "https://github.com/projectdiscovery/nuclei/commit/0da993afe6d41b4b1b814e8fad23a2acba13c60a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/projectdiscovery/nuclei/commit/0da993afe6d41b4b1b814e8fad23a2acba13c60a"
}
],
"source": {
"advisory": "GHSA-7h5p-mmpp-hgmm",
"discovery": "UNKNOWN"
},
"title": "Nuclei Template Signature Verification Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-43405",
"datePublished": "2024-09-04T15:36:23.277Z",
"dateReserved": "2024-08-12T18:02:04.966Z",
"dateUpdated": "2024-09-04T16:21:54.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40641 (GCVE-0-2024-40641)
Vulnerability from nvd – Published: 2024-07-17 17:34 – Updated: 2024-08-13 20:55
VLAI?
Title
Unsigned code template execution through workflows in projectdiscovery/nuclei
Summary
Nuclei is a fast and customizable vulnerability scanner based on simple YAML based DSL. In affected versions it a way to execute code template without -code option and signature has been discovered. Some web applications inherit from Nuclei and allow users to edit and execute workflow files. In this case, users can execute arbitrary commands. (Although, as far as I know, most web applications use -t to execute). This issue has been addressed in version 3.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity ?
7.4 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| projectdiscovery | nuclei |
Affected:
>= 3.0.0, < 3.3.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:projectdiscovery:nuclei:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"lessThan": "3.3.0",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40641",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-30T17:18:43.495871Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T20:55:48.064Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:33:11.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-c3q9-c27p-cw9h",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-c3q9-c27p-cw9h"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nuclei is a fast and customizable vulnerability scanner based on simple YAML based DSL. In affected versions it a way to execute code template without -code option and signature has been discovered. Some web applications inherit from Nuclei and allow users to edit and execute workflow files. In this case, users can execute arbitrary commands. (Although, as far as I know, most web applications use -t to execute). This issue has been addressed in version 3.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T17:34:10.792Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-c3q9-c27p-cw9h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-c3q9-c27p-cw9h"
}
],
"source": {
"advisory": "GHSA-c3q9-c27p-cw9h",
"discovery": "UNKNOWN"
},
"title": "Unsigned code template execution through workflows in projectdiscovery/nuclei"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-40641",
"datePublished": "2024-07-17T17:34:10.792Z",
"dateReserved": "2024-07-08T16:13:15.512Z",
"dateUpdated": "2024-08-13T20:55:48.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27920 (GCVE-0-2024-27920)
Vulnerability from nvd – Published: 2024-03-15 19:25 – Updated: 2024-08-02 00:41
VLAI?
Title
Unsigned code template execution through workflows in projectdiscovery/nuclei
Summary
projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user's system. This advisory outlines the impacted users, provides details on the security patch, and suggests mitigation strategies. The vulnerability is addressed in Nuclei v3.2.0. Users are strongly recommended to update to this version to mitigate the security risk. Users should refrain from using custom workflows if unable to upgrade immediately. Only trusted, verified workflows should be executed.
Severity ?
7.4 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| projectdiscovery | nuclei |
Affected:
>= 3.0.0, < 3.2.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27920",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-18T20:25:37.853990Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:39.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q"
},
{
"name": "https://github.com/projectdiscovery/nuclei/pull/4822",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/4822"
},
{
"name": "https://docs.projectdiscovery.io/templates/protocols/code",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.projectdiscovery.io/templates/protocols/code"
},
{
"name": "https://docs.projectdiscovery.io/templates/reference/template-signing",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.projectdiscovery.io/templates/reference/template-signing"
},
{
"name": "https://docs.projectdiscovery.io/templates/workflows/overview",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.projectdiscovery.io/templates/workflows/overview"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user\u0027s system. This advisory outlines the impacted users, provides details on the security patch, and suggests mitigation strategies. The vulnerability is addressed in Nuclei v3.2.0. Users are strongly recommended to update to this version to mitigate the security risk. Users should refrain from using custom workflows if unable to upgrade immediately. Only trusted, verified workflows should be executed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-15T19:25:00.748Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q"
},
{
"name": "https://github.com/projectdiscovery/nuclei/pull/4822",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/4822"
},
{
"name": "https://docs.projectdiscovery.io/templates/protocols/code",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.projectdiscovery.io/templates/protocols/code"
},
{
"name": "https://docs.projectdiscovery.io/templates/reference/template-signing",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.projectdiscovery.io/templates/reference/template-signing"
},
{
"name": "https://docs.projectdiscovery.io/templates/workflows/overview",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.projectdiscovery.io/templates/workflows/overview"
}
],
"source": {
"advisory": "GHSA-w5wx-6g2r-r78q",
"discovery": "UNKNOWN"
},
"title": "Unsigned code template execution through workflows in projectdiscovery/nuclei"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-27920",
"datePublished": "2024-03-15T19:25:00.748Z",
"dateReserved": "2024-02-28T15:14:14.214Z",
"dateUpdated": "2024-08-02T00:41:55.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37896 (GCVE-0-2023-37896)
Vulnerability from nvd – Published: 2023-08-04 15:34 – Updated: 2024-10-08 18:13
VLAI?
Title
Nuclei Path Traversal vulnerability
Summary
Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. The issue occurred due to relative paths not being converted to absolute paths before doing the check for `sandbox` flag allowing arbitrary files to be read on the filesystem in certain cases when using Nuclei from `Go` SDK implementation.
This issue has been fixed in version 2.9.9. The maintainers have also enabled sandbox by default for filesystem loading. This can be optionally disabled if required. The `-sandbox` option has been deprecated and is now divided into two new options: `-lfa` (allow local file access) which is enabled by default and `-lna` (restrict local network access) which can be enabled by users optionally. The `-lfa` allows file (payload) access anywhere on the system (disabling sandbox effectively), and `-lna` blocks connections to the local/private network.
Severity ?
7.5 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| projectdiscovery | nuclei |
Affected:
< 2.9.9
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff"
},
{
"name": "https://github.com/projectdiscovery/nuclei/pull/3927",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/3927"
},
{
"name": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:projectdiscovery:nuclei:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"lessThan": "2.9.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37896",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:12:59.150485Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:13:54.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nuclei",
"vendor": "projectdiscovery",
"versions": [
{
"status": "affected",
"version": "\u003c 2.9.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. The issue occurred due to relative paths not being converted to absolute paths before doing the check for `sandbox` flag allowing arbitrary files to be read on the filesystem in certain cases when using Nuclei from `Go` SDK implementation. \n\nThis issue has been fixed in version 2.9.9. The maintainers have also enabled sandbox by default for filesystem loading. This can be optionally disabled if required. The `-sandbox` option has been deprecated and is now divided into two new options: `-lfa` (allow local file access) which is enabled by default and `-lna` (restrict local network access) which can be enabled by users optionally. The `-lfa` allows file (payload) access anywhere on the system (disabling sandbox effectively), and `-lna` blocks connections to the local/private network."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-04T15:34:11.804Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff"
},
{
"name": "https://github.com/projectdiscovery/nuclei/pull/3927",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/projectdiscovery/nuclei/pull/3927"
},
{
"name": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9"
}
],
"source": {
"advisory": "GHSA-2xx4-jj5v-6mff",
"discovery": "UNKNOWN"
},
"title": "Nuclei Path Traversal vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-37896",
"datePublished": "2023-08-04T15:34:11.804Z",
"dateReserved": "2023-07-10T17:51:29.609Z",
"dateUpdated": "2024-10-08T18:13:54.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}