Количество 2
Количество 2
CVE-2024-57177
A host header injection vulnerability exists in the NPM package of perfood/couch-auth <= 0.21.2. By sending a specially crafted host header in the email change confirmation request, it is possible to trigger a SSTI which can be leveraged to run limited commands or leak server-side information
GHSA-r385-c5fc-x56c
CouchAuth has a Server-Side Template Injection vulnerability in its email functionality
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-57177 A host header injection vulnerability exists in the NPM package of perfood/couch-auth <= 0.21.2. By sending a specially crafted host header in the email change confirmation request, it is possible to trigger a SSTI which can be leveraged to run limited commands or leak server-side information | CVSS3: 7.3 | 0% Низкий | 12 месяцев назад |
| GHSA-r385-c5fc-x56c CouchAuth has a Server-Side Template Injection vulnerability in its email functionality | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
Уязвимостей на страницу