CVE-2024-0195

Common Vulnerabilities and Exposures

Last Post by worldlovely 11 months ago

1 Posts

1 Users

0 Reactions

730 Views

RSS

worldlovely

(@worldlovely)

Posts: 97

Trusted Member

Topic starter

Description

A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability.

References

MISC: https://github.com/laoquanshi/puppy/blob/main/spider-flow%20code%20injection%20causes%20rce.md
URL: https://github.com/laoquanshi/puppy/blob/main/spider-flow%20code%20injection%20causes%20rce.md
MISC: https://vuldb.com/?ctiid.249510
URL: https://vuldb.com/?ctiid.249510
MISC: https://vuldb.com/?id.249510
URL: https://vuldb.com/?id.249510

Posted : 23/10/2024 12:03 am

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed