PyPi: Puncia

CVE-2024-41124

Safety vulnerability ID: 72265

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jul 19, 2024 Updated at Nov 29, 2024

Scan your Python projects for vulnerabilities →

Advisory

Affected versions of Puncia are vulnerable to Cleartext Transmission of Sensitive Information. API_URLS is utilizing HTTP instead of HTTPS for communication that can lead to issues like Eavesdropping, Data Tampering, Unauthorized Data Access & MITM Attacks.

Affected package

puncia

Latest version: 0.25

The Panthera(P.)uncia of Cybersecurity - Official CLI utility for Subdomain Center & Exploit Observer

Affected versions

Fixed versions

Vulnerability changelog

- Fixed a security issue: https://github.com/ARPSyndicate/puncia/security/advisories/GHSA-rwcj-7jjp-4w38
- Added a Security Policy

**Full Changelog**: https://github.com/ARPSyndicate/puncia/compare/v0.20...v0.21

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41124

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application