elf-rss (>=2.5.0 <=2.5.4), gocqapi (>=0.1.3 <=0.1.4) +59 more potentially affected by CVE-2024-21624 via nonebot2 (>=2.0.0a16 <=2.1.3)

nonebot2 PYPI version =2.0.0a16, =2.5.0, =0.1.3, =1.2.0a0, =0.1.0, =0.1.0, =0.1.0, =0.3.4, =0.5.2, =2.0.0, =2.1.0 and more Source cves: CVE-2024-21624 Source advisory: OSV:GHSA-59J8-776V-XXXG...

NoneBot Security Breach

NoneBot is a modern, cross-platform, extensible Python chatbot framework open-sourced by NoneBot. A security vulnerability exists in nonebot2 versions 2.0.0a16 through 2.1.3, which stems from an information disclosure vulnerability in MessageTemplate...

PT-2024-18976 · Nonebot2 · Nonebot2

Name of the Vulnerable Software and Affected Versions: nonebot2 versions prior to 2.2.0 Description: This issue pertains to a potential information leak, such as environment variables, when developers use MessageTemplate and incorporate user-provided data into templates. The estimated number of...