Lucene search

K
osvGoogleOSV:GO-2024-2815
HistoryJun 10, 2024 - 4:39 p.m.

Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull in github.com/pterodactyl/wings

2024-06-1016:39:03
Google
osv.dev
3
pterodactyl wings
ssrf
remote file pull
github
vulnerability

CVSS3

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

15.5%

Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull in github.com/pterodactyl/wings

CPENameOperatorVersion
github.com/pterodactyl/wingslt1.11.12

CVSS3

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

15.5%

Related for OSV:GO-2024-2815