Количество 2
Количество 2
CVE-2024-55657
SiYuan is a personal knowledge management system. Prior to version 3.1.16, an arbitrary file read vulnerability exists in Siyuan's `/api/template/render` endpoint. The absence of proper validation on the path parameter allows attackers to access sensitive files on the host system. Version 3.1.16 contains a patch for the issue.
GHSA-xx68-37v4-4596
SiYuan has an arbitrary file read via /api/template/render
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-55657 SiYuan is a personal knowledge management system. Prior to version 3.1.16, an arbitrary file read vulnerability exists in Siyuan's `/api/template/render` endpoint. The absence of proper validation on the path parameter allows attackers to access sensitive files on the host system. Version 3.1.16 contains a patch for the issue. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| GHSA-xx68-37v4-4596 SiYuan has an arbitrary file read via /api/template/render | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу