CVE-2024-8055
published 2025-03-20CVE-2024-8055: Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the `PUT` and `COPY` commands. This vulnerability…
PriorityP354high7.5CVSS 3.0
AVNACLPRNUINSUCHINAN
EPSS
0.62%
45.0th percentile
Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the `PUT` and `COPY` commands. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, such as `/etc/passwd`, by exploiting the exposed SQL queries through a Python Flask API.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| directus | directus | >= 0 < 10.11.2 | 10.11.2 |
| vanna-ai | vanna-ai_vanna | unspecified – latest | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-63gf-x2fr-8r32: Vanna v0
ghsa_unreviewed·2025-03-20
CVE-2024-8055 [HIGH] CWE-200 GHSA-63gf-x2fr-8r32: Vanna v0
Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the `PUT` and `COPY` commands. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, such as `/etc/passwd`, by exploiting the exposed SQL queries through a Python Flask API.
GHSA
Directus is soft-locked by providing a string value to random string util
ghsa·2024-06-04
CVE-2024-36128 [HIGH] CWE-754 Directus is soft-locked by providing a string value to random string util
Directus is soft-locked by providing a string value to random string util
### Describe the Bug
Providing a non-numeric length value to the random string generation utility will create a memory issue breaking the capability to generate random strings platform wide. This creates a denial of service situation where logged in sessions can no longer be refreshed as sessions depend on the capability to generate a random session ID.
### To Reproduce
1. Test if the endpoint is working and accessible, `GET http://localhost:8055/utils/random/string`
2. Do a bad request `GET http://localhost:8055/utils/random/string?length=foo`
3. After this all calls to `GET http://localhost:8055/utils/random/string` will return an empty string instead of a random string
4. In this error situation you'll see aut
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-03-20
Published