CVE-2024-41124

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-41124

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-41124.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-41124

Aliases

GHSA-rwcj-7jjp-4w38

Published

2024-07-19T20:15:08Z

Modified

2024-07-22T15:45:19.570020Z

Summary

[none]

Details

Puncia is the Official CLI utility for Subdomain Center & Exploit Observer. API_URLS is utilizing HTTP instead of HTTPS for communication that can lead to issues like Eavesdropping, Data Tampering, Unauthorized Data Access & MITM Attacks. This issue has been addressed in release version 0.21 by using https rather than http connections. All users are advised to upgrade. There is no known workarounds for this vulnerability.

References

Affected packages

Git / github.com/arpsyndicate/puncia

Affected ranges

Type: GIT
Repo: https://github.com/arpsyndicate/puncia
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

033f3b68126eabbb2040ce16e2c3a2ce17437fbd

Affected versions

v0.*

v0.15

v0.16

v0.17

v0.18

v0.19

v0.20