Merge pull request #165 from Ostorlab/feature/Add-version-detection-for-

CVE-2024-51479 Update vulnerable version range.
Ostorlab · Dec 20, 2024 · e2e9906 · e2e9906
2 parents 40d3902 + 0978c0d
commit e2e9906
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/agent/exploits/cve_2024_51479.py b/agent/exploits/cve_2024_51479.py
@@ -27,6 +27,7 @@
 )
 VERSION_PATTERN = re.compile(r't\.version="(\d+\.\d+(?:\.\d+)?)"')
 MAX_VULNERABLE_VERSION = version.parse("14.2.14")
+MIN_VULNERABLE_VERSION = version.parse("9.5.5")
 
 
 def _fetch_chunk_file(target_url: str, chunk_path: str) -> str | None:
@@ -92,7 +93,9 @@ def check(self, target: definitions.Target) -> list[definitions.Vulnerability]:
             extracted_version = _extract_version(chunk_content)
             if (
                 extracted_version is not None
-                and version.parse(extracted_version) <= MAX_VULNERABLE_VERSION
+                and MIN_VULNERABLE_VERSION
+                <= version.parse(extracted_version)
+                <= MAX_VULNERABLE_VERSION
             ):
                 vulnerability = self._create_vulnerability(target)
                 vulnerabilities.append(vulnerability)