6 matches found
CVE-2024-27920
The CVE covers projectdiscovery/nuclei where unsigned code templates could be executed via workflows in Nuclei v3. root cause: oversight in workflow execution that allows executing unsigned templates. Impact: local execution with high severity per listed metrics; effects are mitigation-dependent ...
CVE-2024-43405
Insight: CVE-2024-43405 affects ProjectDiscovery Nuclei. The issue is in the template signature verification (signer package), where a newline handling discrepancy between the signature verification and YAML parsing allows an attacker to craft templates that bypass digest verification and potenti...
CVE-2023-37896
CVE-2023-37896 concerns a path traversal/sandbox sanitization flaw in the Go SDK path/file loading for Nuclei templates, not affecting the CLI. The issue occurred when relative paths were not converted to absolute paths before sandbox checks, permitting access to arbitrary filesystem files when u...
CVE-2026-41646
Summary (CVE-2026-41646) : Nuclei prior to 3.8.0 is vulnerable where the JavaScript protocol runtime allows templates to read local .js/.json files via the require() function, bypassing the local-file-access restriction. Affected versions range from 3.0.0 up to, but not including, 3.8.0. The issu...
CVE-2026-41645
CVE-2026-41645 affects Nuclei up to version 3.8.0, where the expression evaluation engine can be tricked by HTTP response-derived DSL expressions reused in multi-step templates. If -env-vars (-ev) is explicitly enabled, response data containing DSL expressions can expose host environment variable...
CVE-2026-41282
Summary: CVE-2026-41282 affects ProjectDiscovery Nuclei prior to 3.8.0, where DSL expression injection is possible when using -env-vars for multi-step templates against untrusted targets configured non-defaultly. The Red Hat advisory describes a flaw enabling DSL injection that could lead to unau...