CVE-2024-1651
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-1651
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-1651.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-1651
- Aliases
- Published
- 2024-02-20T00:15:14Z
- Modified
- 2025-02-13T08:44:09.273165Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Torrentpier version 2.4.1 allows executing arbitrary commands on the server.
This is possible because the application is vulnerable to insecure deserialization.
- References
Affected packages
Git / github.com/torrentpier/torrentpier
Affected ranges
- Type
- GIT
- Repo
- https://github.com/torrentpier/torrentpier
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
2.*
2.3.0.4-beta
2.3.0.4-beta2
v2.*
v2.0.0
v2.0.261
v2.0.300
v2.0.400
v2.0.456
v2.0.463
v2.0.477
v2.0.491
v2.0.500
v2.0.506
v2.0.552
v2.0.556
v2.0.560
v2.0.564
v2.0.572
v2.0.581
v2.0.583
v2.0.584
v2.0.585
v2.0.586
v2.0.587
v2.0.588
v2.0.589
v2.0.590
v2.0.591
v2.0.592
v2.0.593
v2.0.593b
v2.0.594
v2.0.594b
v2.0.595
v2.0.596
v2.0.597
v2.0.598
v2.0.599
v2.0.599b
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.1.4
v2.1.5
v2.2.0
v2.2.1
v2.2.2
v2.2.3
v2.3.0
v2.3.0.1
v2.3.0.2
v2.3.0.3
v2.3.1
v2.3.1-rc1
v2.4.0
v2.4.0-alpha1
v2.4.0-alpha2
v2.4.0-alpha3
v2.4.0-alpha4
v2.4.0-beta1
v2.4.0-beta2
v2.4.0-beta3
v2.4.0-beta4
v2.4.0-rc1
v2.4.0-rc2
v2.4.1