[ { "id": 887743822, "name": "CVE-2024-21534", "full_name": "pabloopez\/CVE-2024-21534", "owner": { "login": "pabloopez", "id": 56795889, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56795889?v=4", "html_url": "https:\/\/github.com\/pabloopez", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/pabloopez\/CVE-2024-21534", "description": "Proof-of-concept (PoC) exploit for JSONPath-plus vulnerability", "fork": false, "created_at": "2024-11-13T07:56:10Z", "updated_at": "2024-11-13T09:25:02Z", "pushed_at": "2024-11-13T09:24:58Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 892949211, "name": "cve-2024-21534-poc", "full_name": "XiaomingX\/cve-2024-21534-poc", "owner": { "login": "XiaomingX", "id": 5387930, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", "html_url": "https:\/\/github.com\/XiaomingX", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-21534-poc", "description": "jsonpath-plus 包(版本 <=10.0.7)存在严重的远程代码执行(RCE)漏洞,允许攻击者通过 Node.js 的 VM 模块执行任意代码。该漏洞由于输入验证不严格导致,影响版本为 10.0.7 以下,CVSS 分数为 9.8(极其严重)。漏洞首次公开于 2024 年 10 月 11 日。", "fork": false, "created_at": "2024-11-23T05:54:24Z", "updated_at": "2024-11-25T05:24:15Z", "pushed_at": "2024-11-23T05:57:35Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "exp", "poc", "rce" ], "visibility": "public", "forks": 1, "watchers": 0, "score": 0, "subscribers_count": 1 } ]