11 matches found
EUVD-2024-0119
Malicious code in bioql PyPI...
CVE-2024-21624
nonebot2 is a cross-platform Python asynchronous chatbot framework written in Python. This security advisory pertains to a potential information leak e.g., environment variables in instances where developers utilize MessageTemplate and incorporate user-provided data into templates. The identified...
CVE-2024-21624
nonebot2 is a cross-platform Python asynchronous chatbot framework written in Python. This security advisory pertains to a potential information leak e.g., environment variables in instances where developers utilize MessageTemplate and incorporate user-provided data into templates. The identified...
haruka-bot (>=1.2.0a0 <=1.4.1a60), kirami-plugin-beauty-rate (>=0.1.0 <=0.1.2) +16 more potentially affected by CVE-2024-21624 via nonebot2 (>=2.0.1 <=2.1.3)
nonebot2 PYPI version =2.0.1, =1.2.0a0, =0.1.0, =0.1.0, =0.1.0, =0.3.4, =0.2.0, =0.0.7, =1.1.0, =0.1.0, =0.1.2, =0.1.0, =1.1.0a2 and more Source cves: CVE-2024-21624 Source advisory: OSV:PYSEC-2024-37...
PYSEC-2024-37
nonebot2 is a cross-platform Python asynchronous chatbot framework written in Python. This security advisory pertains to a potential information leak e.g., environment variables in instances where developers utilize MessageTemplate and incorporate user-provided data into templates. The identified...
PYSEC-2024-37
nonebot2 is a cross-platform Python asynchronous chatbot framework written in Python. This security advisory pertains to a potential information leak e.g., environment variables in instances where developers utilize MessageTemplate and incorporate user-provided data into templates. The identified...
CVE-2024-21624 Potential Information Leak in User-Constructed Message Templates in nonebot2
nonebot2 is a cross-platform Python asynchronous chatbot framework written in Python. This security advisory pertains to a potential information leak e.g., environment variables in instances where developers utilize MessageTemplate and incorporate user-provided data into templates. The identified...
CVE-2024-21624 Potential Information Leak in User-Constructed Message Templates in nonebot2
nonebot2 is a cross-platform Python asynchronous chatbot framework written in Python. This security advisory pertains to a potential information leak e.g., environment variables in instances where developers utilize MessageTemplate and incorporate user-provided data into templates. The identified...
CVE-2024-21624 Potential Information Leak in User-Constructed Message Templates in nonebot2
nonebot2 is a cross-platform Python asynchronous chatbot framework written in Python. This security advisory pertains to a potential information leak e.g., environment variables in instances where developers utilize MessageTemplate and incorporate user-provided data into templates. The identified...
CVE-2024-21624
Summary (CVE-2024-21624): nonebot2, a Python-based asynchronous chatbot framework, has a potential information leak in user-constructed templates via the MessageTemplate mechanism. The root cause involves incorporating user-provided data into templates, which may expose sensitive data (e.g., envi...
elf-rss (>=2.5.0 <=2.5.4), gocqapi (>=0.1.3 <=0.1.4) +59 more potentially affected by CVE-2024-21624 via nonebot2 (>=2.0.0a16 <=2.1.3)
nonebot2 PYPI version =2.0.0a16, =2.5.0, =0.1.3, =1.2.0a0, =0.1.0, =0.1.0, =0.1.0, =0.3.4, =0.5.2, =2.0.0, =2.1.0 and more Source cves: CVE-2024-21624 Source advisory: OSV:GHSA-59J8-776V-XXXG...