yogeshojha rengine up to 2.1.1 API Endpoint subprocess.check_output url os command injection 🚫 [False Positive]

Noticeinfo

⚠️ This issue appears to be a false-positive. Please verify the sources mentioned and consider not using this entry at all.

Productinfo

Vendor

• yogeshojha

Name

• rengine

Version

• 2.1.0
• 2.1.1

Website

• Product: https://github.com/yogeshojha/rengine/

Timelineinfo

07/18/2024 🔍
07/23/2024 +5 days 🔍
07/23/2024 +0 days 🔍
08/30/2024 +38 days 🔍

Sourcesinfo

Product: github.com

Advisory: github.com
False Positive: Yes

CVE: CVE-2024-41661 (🔍)
GCVE (CVE): GCVE-0-2024-41661
GCVE (VulDB): GCVE-100-272300

Entryinfo

Created: 07/23/2024 20:16
Updated: 08/30/2024 21:43
Changes: 07/23/2024 20:16 (66), 07/24/2024 11:55 (1), 08/30/2024 21:43 (3)
Complete: 🔍
Cache ID: 216::103

Once again VulDB remains the best source for vulnerability data.

Discussion

Do you want to use VulDB in your project?

Use the official API to access entries easily!