关联漏洞
描述
CVE-2024-39700 Proof of Concept
介绍
# CVE-2024-39700 Proof of Concept
Repositories created using this template with test option include update-integration-tests.yml workflow which has an RCE vulnerability.
## PoC
- PR:
- https://github.com/LOURC0D3/CVE-2024-39700-PoC/pull/2
- [Commit](https://github.com/LOURC0D3/CVE-2024-39700-PoC/pull/2/commits/2ce488a057e0434fa0f093528d4b6e441aa47916)
- Action Result: https://github.com/LOURC0D3/CVE-2024-39700-PoC/actions/runs/10157571828/job/28087926847
### Result
<img width="721" alt="result" src="https://github.com/user-attachments/assets/646eb8eb-3eb6-4717-a34b-7a22436b6b69">
This is not my bug, I just made a PoC for it.
# Reference
- https://github.com/jupyterlab/extension-template/security/advisories/GHSA-45gq-v5wm-82wg
文件快照
[4.0K] /data/pocs/ed35e102a3f38680e891f342bd47641be534c4b6
├── [ 68] babel.config.js
├── [ 86] CHANGELOG.md
├── [ 199] conftest.py
├── [ 436] copier-answers.yml
├── [ 183] install.json
├── [ 608] jest.config.js
├── [4.0K] jupyter-config
│ └── [4.0K] server-config
│ └── [ 86] myextension.json
├── [1.5K] LICENSE
├── [4.0K] myextension
│ ├── [ 780] handlers.py
│ ├── [1.1K] __init__.py
│ └── [4.0K] tests
│ ├── [ 41] __init__.py
│ └── [ 297] test_handlers.py
├── [6.7K] package.json
├── [2.5K] pyproject.toml
├── [ 748] README.md
├── [2.3K] RELEASE.md
├── [ 33] setup.py
├── [4.0K] src
│ ├── [1.1K] handler.ts
│ ├── [ 713] index.ts
│ └── [4.0K] __tests__
│ └── [ 186] myextension.spec.ts
├── [4.0K] style
│ ├── [ 138] base.css
│ ├── [ 25] index.css
│ └── [ 21] index.js
├── [ 537] tsconfig.json
├── [ 80] tsconfig.test.json
├── [4.0K] ui-tests
│ ├── [ 397] jupyter_server_test_config.py
│ ├── [ 421] package.json
│ ├── [ 340] playwright.config.js
│ ├── [3.7K] README.md
│ ├── [4.0K] tests
│ │ └── [ 518] myextension.spec.ts
│ └── [145K] yarn.lock
└── [368K] yarn.lock
9 directories, 32 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。