CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-2766

Malicious code in bioql PyPI...

9.1CVSS6.4AI score0.02285EPSS

Exploits1References4

RedhatCVE•added 2025/02/05 3:37 a.m.•5 views

CVE-2024-45053

Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code...

9.1CVSS8.2AI score0.02285EPSS

Exploits1References1

Github Security Blog•added 2024/09/04 6:7 p.m.•18 views

Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine

Summary The Email Templating feature uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code Execution to privileged users. A privileged user refers to an Admin UI user with the default Owner or...

9.1CVSS9AI score0.02285EPSS

Exploits1References4Affected Software1

OSV•added 2024/09/04 6:7 p.m.•14 views

GHSA-C34R-238X-F7QX Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine

9.1CVSS9.2AI score0.02285EPSS

Exploits1References4

NVD•added 2024/09/04 4:15 p.m.•11 views

CVE-2024-45053

9.1CVSS0.02285EPSS

Exploits1References2

Vulnrichment•added 2024/09/04 4:4 p.m.•11 views

CVE-2024-45053 Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine

9.1CVSS8.6AI score0.02285EPSS

Exploits1References2

OSV•added 2024/09/04 4:4 p.m.•9 views

CVE-2024-45053 Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine

9.1CVSS7.9AI score0.02285EPSS

Exploits1References4

CVE•added 2024/09/04 4:4 p.m.•44 views

CVE-2024-45053

Fides (open‑source privacy engineering platform) is affected by a Server‑Side Template Injection in the Email Templating feature using Jinja2, allowing Remote Code Execution by privileged Admin UI users. Cloaked between versions 2.19.0 and before 2.44.0, the issue arises from insufficient input s...

9.1CVSS8.8AI score0.02285EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2024/09/04 12:0 a.m.•3 views

PT-2024-31405 · Jinja2 +1 · Jinja2 +1

Name of the Vulnerable Software and Affected Versions: Fides versions 2.19.0 through 2.43.x Description: The Email Templating feature in Fides uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code...

9.1CVSS8.8AI score0.02285EPSS

Exploits1References11

Positive Technologies•added 2022/05/31 12:0 a.m.•2 views

PT-2022-8884 · Form.Io · Form.Io

Name of the Vulnerable Software and Affected Versions: Form.io version 2.0.0 Description: A Server-Side Template Injection SSTI issue was discovered, leading to Remote Code Execution during the deletion of the default Email template URL. The email templating service was removed after 2020. The...

9.8CVSS8.1AI score0.03455EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by