CVE-2024-45601

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-45601
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-45601.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-45601
Aliases
Published
2024-09-18T18:15:06Z
Modified
2024-09-19T00:50:51.755038Z
Summary
[none]
Details

Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validation in a specific endpoint. This could have allowed an attacker to access files not intended to be served. Users are strongly advised to update to the latest version of Mesop immediately. The latest version includes a fix for this vulnerability. At time of publication 0.12.4 is the most recently available version of Mesop.

References

Affected packages

Git / github.com/google/mesop

Affected ranges

Type
GIT
Repo
https://github.com/google/mesop
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
17fb769d6a91f0a8cbccfab18f64977b158a6a31

Affected versions

v0.*

v0.1
v0.10.0
v0.11.0
v0.11.1
v0.12.0
v0.12.1
v0.12.2
v0.12.3
v0.2
v0.4.1
v0.4.2
v0.5
v0.5.3
v0.5.5
v0.5.6
v0.6.0
v0.7.1
v0.7.2
v0.8.0
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5