data/reports/GO-2024-2462.yaml - vulndb - Git at Google

 id: GO-2024-2462
 modules:
     - module: github.com/0xJacky/Nginx-UI
       versions:
         - fixed: 1.9.10-0.20231219184941-827e76c46e63
       vulnerable_at: 1.9.10-0.20231219042952-0a9e23daf406
       packages:
         - package: github.com/0xJacky/Nginx-UI/api/system
           symbols:
             - GetSettings
             - SaveSettings
 summary: Arbitrary command execution in github.com/0xJacky/Nginx-UI
 cves:
     - CVE-2024-22198
 ghsas:
     - GHSA-8r25-68wm-jw35
 credits:
     - '@jorgectf'
 references:
     - fix: https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3
     - advisory: https://github.com/advisories/GHSA-8r25-68wm-jw35
	id: GO-2024-2462
	modules:
	- module: github.com/0xJacky/Nginx-UI
	versions:
	- fixed: 1.9.10-0.20231219184941-827e76c46e63
	vulnerable_at: 1.9.10-0.20231219042952-0a9e23daf406
	packages:
	- package: github.com/0xJacky/Nginx-UI/api/system
	symbols:
	- GetSettings
	- SaveSettings
	summary: Arbitrary command execution in github.com/0xJacky/Nginx-UI
	cves:
	- CVE-2024-22198
	ghsas:
	- GHSA-8r25-68wm-jw35
	credits:
	- '@jorgectf'
	references:
	- fix: https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3
	- advisory: https://github.com/advisories/GHSA-8r25-68wm-jw35