{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-37301", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-05T20:10:46.497Z", "datePublished": "2024-06-11T18:34:38.374Z", "dateUpdated": "2026-02-04T19:40:11.164Z"}, "containers": {"cna": {"title": "document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection", "problemTypes": [{"descriptions": [{"cweId": "CWE-1336", "lang": "en", "description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6"}, {"name": "https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074", "tags": ["x_refsource_MISC"], "url": "https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074"}], "affected": [{"vendor": "adfinis", "product": "document-merge-service", "versions": [{"version": "< 6.5.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-04T19:40:11.164Z"}, "descriptions": [{"lang": "en", "value": "Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the affected system. As of time of publication, no patched version exists, nor have any known workarounds been disclosed."}], "source": {"advisory": "GHSA-v5gf-r78h-55q6", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "adfinis", "product": "document_merge_service", "cpes": ["cpe:2.3:a:adfinis:document_merge_service:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "6.5.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-11T20:18:28.016202Z", "id": "CVE-2024-37301", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-11T20:21:20.380Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:50:56.118Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6"}, {"name": "https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6", "name": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074", "name": "https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:50:56.118Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37301", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-11T20:18:28.016202Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:adfinis:document_merge_service:*:*:*:*:*:*:*:*"], "vendor": "adfinis", "product": "document_merge_service", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "6.5.1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-11T20:21:15.403Z"}}], "cna": {"title": "document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection", "source": {"advisory": "GHSA-v5gf-r78h-55q6", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "adfinis", "product": "document-merge-service", "versions": [{"status": "affected", "version": "< 6.5.2"}]}], "references": [{"url": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6", "name": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074", "name": "https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the affected system. As of time of publication, no patched version exists, nor have any known workarounds been disclosed."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1336", "description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-04T19:40:11.164Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37301", "state": "PUBLISHED", "dateUpdated": "2026-02-04T19:40:11.164Z", "dateReserved": "2024-06-05T20:10:46.497Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-06-11T18:34:38.374Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the affected system. As of time of publication, no patched version exists, nor have any known workarounds been disclosed."}, {"lang": "es", "value": "Document Merge Service es un servicio de combinaci\u00f3n de plantillas de documentos que proporciona una API para administrar plantillas y combinarlas con datos determinados. Las versiones 6.5.1 y anteriores son vulnerables a la ejecuci\u00f3n remota de c\u00f3digo mediante la inyecci\u00f3n de plantillas del lado del servidor que, cuando se ejecuta como root, puede resultar en la toma total del sistema afectado. En el momento de la publicaci\u00f3n, no existe ninguna versi\u00f3n parcheada ni se ha revelado ning\u00fan workaround."}], "id": "CVE-2024-37301", "lastModified": "2026-02-04T20:16:02.377", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-06-11T19:16:07.890", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074"}, {"source": "security-advisories@github.com", "url": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1336"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{}