Lucene search

CVE-2024-37301 document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection

🗓️ 11 Jun 2024 18:38:34Reported by GitHub_MType

Document Merge Service CVE-2024-37301 vulnerability in template merge API

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
OSV	CVE-2024-37301	11 Jun 202419:16	–	osv
OSV	GHSA-V5GF-R78H-55Q6 document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection	11 Jun 202420:22	–	osv
Veracode	Server-side Template Injection (SSTI)	13 Jun 202404:43	–	veracode
CVE	CVE-2024-37301	11 Jun 202419:16	–	cve
NVD	CVE-2024-37301	11 Jun 202419:16	–	nvd
Github Security Blog	document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection	11 Jun 202420:22	–	github
Vulnrichment	CVE-2024-37301 document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection	11 Jun 202418:34	–	vulnrichment

[
  {
    "vendor": "adfinis",
    "product": "document-merge-service",
    "versions": [
      {
        "version": "< 6.5.2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6
github	www.github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

11 Jun 2024 18:34Current

CVSS39.9

EPSS0.01298

CWE-1336