All the vulnerabilites related to siyuan-note - siyuan
cve-2024-55658
Vulnerability from cvelistv5
Published
2024-12-11 22:47
Modified
2024-12-11 22:47
Severity ?
EPSS score ?
Summary
SiYuan has an arbitrary file read and path traversal via /api/export/exportResources
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-25w9-wqfq-gwqx | x_refsource_CONFIRM | |
| https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | siyuan-note | siyuan |
Version: < 3.1.16 |
|
|
|||
{
"containers": {
"cna": {
"affected": [
{
"product": "siyuan",
"vendor": "siyuan-note",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan\u0027s /api/export/exportResources endpoint is vulnerable to arbitary file read via path traversal. It is possible to manipulate the paths parameter to access and download arbitrary files from the host system by traversing the workspace directory structure. Version 3.1.16 contains a patch for the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T22:47:21.809Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-25w9-wqfq-gwqx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-25w9-wqfq-gwqx"
},
{
"name": "https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71"
}
],
"source": {
"advisory": "GHSA-25w9-wqfq-gwqx",
"discovery": "UNKNOWN"
},
"title": "SiYuan has an arbitrary file read and path traversal via /api/export/exportResources"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55658",
"datePublished": "2024-12-11T22:47:21.809Z",
"dateReserved": "2024-12-10T14:48:24.296Z",
"dateUpdated": "2024-12-11T22:47:21.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-55657
Vulnerability from cvelistv5
Published
2024-12-11 22:44
Modified
2024-12-11 22:44
Severity ?
EPSS score ?
Summary
SiYuan has an arbitrary file read via /api/template/render
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-xx68-37v4-4596 | x_refsource_CONFIRM | |
| https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | siyuan-note | siyuan |
Version: < 3.1.16 |
|
|
|||
{
"containers": {
"cna": {
"affected": [
{
"product": "siyuan",
"vendor": "siyuan-note",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SiYuan is a personal knowledge management system. Prior to version 3.1.16, an arbitrary file read vulnerability exists in Siyuan\u0027s `/api/template/render` endpoint. The absence of proper validation on the path parameter allows attackers to access sensitive files on the host system. Version 3.1.16 contains a patch for the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T22:44:17.868Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-xx68-37v4-4596",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-xx68-37v4-4596"
},
{
"name": "https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71"
}
],
"source": {
"advisory": "GHSA-xx68-37v4-4596",
"discovery": "UNKNOWN"
},
"title": "SiYuan has an arbitrary file read via /api/template/render"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55657",
"datePublished": "2024-12-11T22:44:17.868Z",
"dateReserved": "2024-12-10T14:48:24.296Z",
"dateUpdated": "2024-12-11T22:44:17.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-55660
Vulnerability from cvelistv5
Published
2024-12-11 22:54
Modified
2024-12-11 22:54
Severity ?
EPSS score ?
Summary
SiYuan has an SSTI via /api/template/renderSprig
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-4pjc-pwgq-q9jp | x_refsource_CONFIRM | |
| https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | siyuan-note | siyuan |
Version: < 3.1.16 |
|
|
|||
{
"containers": {
"cna": {
"affected": [
{
"product": "siyuan",
"vendor": "siyuan-note",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan\u0027s `/api/template/renderSprig` endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables. Version 3.1.16 contains a patch for the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T22:54:52.564Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-4pjc-pwgq-q9jp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-4pjc-pwgq-q9jp"
},
{
"name": "https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71"
}
],
"source": {
"advisory": "GHSA-4pjc-pwgq-q9jp",
"discovery": "UNKNOWN"
},
"title": "SiYuan has an SSTI via /api/template/renderSprig"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55660",
"datePublished": "2024-12-11T22:54:52.564Z",
"dateReserved": "2024-12-10T15:33:57.415Z",
"dateUpdated": "2024-12-11T22:54:52.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-55659
Vulnerability from cvelistv5
Published
2024-12-11 22:53
Modified
2024-12-11 22:53
Severity ?
EPSS score ?
Summary
SiYuan has an arbitrary file write in the host via /api/asset/upload
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-fqj6-whhx-47p7 | x_refsource_CONFIRM | |
| https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | siyuan-note | siyuan |
Version: < 3.1.16 |
|
|
|||
{
"containers": {
"cna": {
"affected": [
{
"product": "siyuan",
"vendor": "siyuan-note",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SiYuan is a personal knowledge management system. Prior to version 3.1.16, the `/api/asset/upload` endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored cross-site scripting (via the file write). Version 3.1.16 contains a patch for the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T22:53:45.983Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-fqj6-whhx-47p7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-fqj6-whhx-47p7"
},
{
"name": "https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71"
}
],
"source": {
"advisory": "GHSA-fqj6-whhx-47p7",
"discovery": "UNKNOWN"
},
"title": "SiYuan has an arbitrary file write in the host via /api/asset/upload"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55659",
"datePublished": "2024-12-11T22:53:45.983Z",
"dateReserved": "2024-12-10T15:33:57.415Z",
"dateUpdated": "2024-12-11T22:53:45.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}