cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-43405,https://securityvulnerability.io/vulnerability/CVE-2024-43405,Vulnerability in Nuclei Vulnerability Scanner Affecting Signature Verification,"A vulnerability in the Nuclei vulnerability scanner affects the signature verification system of YAML based templates. This issue is present in the `signer` package from version 3.0.0 to 3.3.1. The vulnerability allows an attacker to bypass signature checks and potentially execute malicious code by exploiting the handling of newline characters and the processing of multiple signatures. This poses a significant risk to CLI users who execute custom code templates from unverified sources, as well as SDK users integrating Nuclei into their platforms. It is crucial for users to upgrade to Nuclei v3.3.2, which addresses this vulnerability, or otherwise avoid using untrusted custom templates.",Projectdiscovery,Nuclei,7.8,HIGH,0.0005300000193528831,false,,false,false,false,,,true,true,2025-01-09T05:52:01.802Z,2024-09-04T16:15:00.000Z,8829