From 0978c0dfa911a9fd785ca351109f5cee122196e4 Mon Sep 17 00:00:00 2001 From: nmasdoufi-ol Date: Fri, 20 Dec 2024 18:34:32 +0100 Subject: [PATCH] Update affected versions range. --- agent/exploits/cve_2024_51479.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/agent/exploits/cve_2024_51479.py b/agent/exploits/cve_2024_51479.py index 742e8f3..6940e61 100644 --- a/agent/exploits/cve_2024_51479.py +++ b/agent/exploits/cve_2024_51479.py @@ -27,6 +27,7 @@ ) VERSION_PATTERN = re.compile(r't\.version="(\d+\.\d+(?:\.\d+)?)"') MAX_VULNERABLE_VERSION = version.parse("14.2.14") +MIN_VULNERABLE_VERSION = version.parse("9.5.5") def _fetch_chunk_file(target_url: str, chunk_path: str) -> str | None: @@ -92,7 +93,9 @@ def check(self, target: definitions.Target) -> list[definitions.Vulnerability]: extracted_version = _extract_version(chunk_content) if ( extracted_version is not None - and version.parse(extracted_version) <= MAX_VULNERABLE_VERSION + and MIN_VULNERABLE_VERSION + <= version.parse(extracted_version) + <= MAX_VULNERABLE_VERSION ): vulnerability = self._create_vulnerability(target) vulnerabilities.append(vulnerability)