Critical severityNVD Advisory· Published Jul 18, 2024· Updated Aug 2, 2024
a sqlinjection in 1Panel
CVE-2024-39907
Description
1Panel is a web-based linux server management control panel. There are many sql injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. These sql injections have been resolved in version 1.10.12-tls. Users are advised to upgrade. There are no known workarounds for these issues.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/1Panel-dev/1PanelGo | < 1.10.12-tls | 1.10.12-tls |
Affected products
1- Range: >= 1.10.9-tls, < 1.10.12-tls
Patches
1ff549a47937cfix: 解决 gorm 的 sql 注入问题 (#5409)
12 files changed · +489 −170
backend/app/api/v1/cronjob.go+2 −2 modified@@ -36,12 +36,12 @@ func (b *BaseApi) CreateCronjob(c *gin.Context) { // @Summary Page cronjobs // @Description 获取计划任务分页 // @Accept json -// @Param request body dto.SearchWithPage true "request" +// @Param request body dto.PageCronjob true "request" // @Success 200 {object} dto.PageResult // @Security ApiKeyAuth // @Router /cronjobs/search [post] func (b *BaseApi) SearchCronjob(c *gin.Context) { - var req dto.SearchWithPage + var req dto.PageCronjob if err := helper.CheckBindAndValidate(&req, c); err != nil { return }
backend/app/dto/command.go+3 −3 modified@@ -1,9 +1,9 @@ package dto type SearchCommandWithPage struct { - SearchWithPage - OrderBy string `json:"orderBy"` - Order string `json:"order"` + PageInfo + OrderBy string `json:"orderBy" validate:"required,oneof=name command created_at"` + Order string `json:"order" validate:"required,oneof=null ascending descending"` GroupID uint `json:"groupID"` Info string `json:"info"` Name string `json:"name"`
backend/app/dto/common_req.go+1 −3 modified@@ -2,9 +2,7 @@ package dto type SearchWithPage struct { PageInfo - Info string `json:"info"` - OrderBy string `json:"orderBy"` - Order string `json:"order"` + Info string `json:"info"` } type PageInfo struct {
backend/app/dto/container.go+2 −2 modified@@ -6,8 +6,8 @@ type PageContainer struct { PageInfo Name string `json:"name"` State string `json:"state" validate:"required,oneof=all created running paused restarting removing exited dead"` - OrderBy string `json:"orderBy"` - Order string `json:"order"` + OrderBy string `json:"orderBy" validate:"required,oneof=name status created_at"` + Order string `json:"order" validate:"required,oneof=null ascending descending"` Filters string `json:"filters"` ExcludeAppStore bool `json:"excludeAppStore"` }
backend/app/dto/cronjob.go+7 −0 modified@@ -4,6 +4,13 @@ import ( "time" ) +type PageCronjob struct { + PageInfo + Info string `json:"info"` + OrderBy string `json:"orderBy" validate:"required,oneof=name status created_at"` + Order string `json:"order" validate:"required,oneof=null ascending descending"` +} + type CronjobCreate struct { Name string `json:"name" validate:"required"` Type string `json:"type" validate:"required"`
backend/app/dto/database.go+4 −4 modified@@ -27,8 +27,8 @@ type MysqlDBSearch struct { PageInfo Info string `json:"info"` Database string `json:"database" validate:"required"` - OrderBy string `json:"orderBy"` - Order string `json:"order"` + OrderBy string `json:"orderBy" validate:"required,oneof=name created_at"` + Order string `json:"order" validate:"required,oneof=null ascending descending"` } type MysqlDBInfo struct { @@ -236,8 +236,8 @@ type DatabaseSearch struct { PageInfo Info string `json:"info"` Type string `json:"type"` - OrderBy string `json:"orderBy"` - Order string `json:"order"` + OrderBy string `json:"orderBy" validate:"required,oneof=name created_at"` + Order string `json:"order" validate:"required,oneof=null ascending descending"` } type DatabaseInfo struct {
backend/app/dto/database_postgresql.go+2 −2 modified@@ -6,8 +6,8 @@ type PostgresqlDBSearch struct { PageInfo Info string `json:"info"` Database string `json:"database" validate:"required"` - OrderBy string `json:"orderBy"` - Order string `json:"order"` + OrderBy string `json:"orderBy" validate:"required,oneof=name created_at"` + Order string `json:"order" validate:"required,oneof=null ascending descending"` } type PostgresqlDBInfo struct {
backend/app/dto/request/website.go+2 −2 modified@@ -7,8 +7,8 @@ import ( type WebsiteSearch struct { dto.PageInfo Name string `json:"name"` - OrderBy string `json:"orderBy"` - Order string `json:"order"` + OrderBy string `json:"orderBy" validate:"required,oneof=primary_domain type status created_at"` + Order string `json:"order" validate:"required,oneof=null ascending descending"` WebsiteGroupID uint `json:"websiteGroupId"` }
backend/app/service/cornjob.go+2 −2 modified@@ -21,7 +21,7 @@ import ( type CronjobService struct{} type ICronjobService interface { - SearchWithPage(search dto.SearchWithPage) (int64, interface{}, error) + SearchWithPage(search dto.PageCronjob) (int64, interface{}, error) SearchRecords(search dto.SearchRecord) (int64, interface{}, error) Create(cronjobDto dto.CronjobCreate) error HandleOnce(id uint) error @@ -39,7 +39,7 @@ func NewICronjobService() ICronjobService { return &CronjobService{} } -func (u *CronjobService) SearchWithPage(search dto.SearchWithPage) (int64, interface{}, error) { +func (u *CronjobService) SearchWithPage(search dto.PageCronjob) (int64, interface{}, error) { total, cronjobs, err := cronjobRepo.Page(search.Page, search.PageSize, commonRepo.WithLikeName(search.Info), commonRepo.WithOrderRuleBy(search.OrderBy, search.Order)) var dtoCronjobs []dto.CronjobInfo for _, cronjob := range cronjobs {
cmd/server/docs/docs.go+173 −59 modified@@ -242,43 +242,6 @@ const docTemplate = `{ } } }, - "/apps/installed/:appInstallId/versions": { - "get": { - "security": [ - { - "ApiKeyAuth": [] - } - ], - "description": "通过 install id 获取应用更新版本", - "consumes": [ - "application/json" - ], - "tags": [ - "App" - ], - "summary": "Search app update version by install id", - "parameters": [ - { - "type": "integer", - "description": "request", - "name": "appInstallId", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "array", - "items": { - "$ref": "#/definitions/dto.AppVersion" - } - } - } - } - } - }, "/apps/installed/check": { "post": { "security": [ @@ -777,6 +740,43 @@ const docTemplate = `{ } } }, + "/apps/installed/update/versions": { + "post": { + "security": [ + { + "ApiKeyAuth": [] + } + ], + "description": "通过 install id 获取应用更新版本", + "consumes": [ + "application/json" + ], + "tags": [ + "App" + ], + "summary": "Search app update version by install id", + "parameters": [ + { + "type": "integer", + "description": "request", + "name": "appInstallId", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/dto.AppVersion" + } + } + } + } + } + }, "/apps/search": { "post": { "security": [ @@ -3636,7 +3636,7 @@ const docTemplate = `{ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/dto.SearchWithPage" + "$ref": "#/definitions/dto.PageCronjob" } } ], @@ -14612,6 +14612,9 @@ const docTemplate = `{ "detailId": { "type": "integer" }, + "dockerCompose": { + "type": "string" + }, "version": { "type": "string" } @@ -14850,8 +14853,7 @@ const docTemplate = `{ "dto.ChangeRedisPass": { "type": "object", "required": [ - "database", - "value" + "database" ], "properties": { "database": { @@ -14947,6 +14949,9 @@ const docTemplate = `{ "name": { "type": "string" }, + "secret": { + "type": "string" + }, "type": { "type": "string", "enum": [ @@ -14976,6 +14981,9 @@ const docTemplate = `{ "name": { "type": "string" }, + "secret": { + "type": "string" + }, "source": { "type": "string", "enum": [ @@ -15450,6 +15458,9 @@ const docTemplate = `{ "script": { "type": "string" }, + "secret": { + "type": "string" + }, "sourceDir": { "type": "string" }, @@ -15527,6 +15538,9 @@ const docTemplate = `{ "script": { "type": "string" }, + "secret": { + "type": "string" + }, "sourceDir": { "type": "string" }, @@ -15814,7 +15828,6 @@ const docTemplate = `{ "required": [ "from", "name", - "password", "type", "username", "version" @@ -15983,6 +15996,8 @@ const docTemplate = `{ "dto.DatabaseSearch": { "type": "object", "required": [ + "order", + "orderBy", "page", "pageSize" ], @@ -15991,10 +16006,19 @@ const docTemplate = `{ "type": "string" }, "order": { - "type": "string" + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] }, "orderBy": { - "type": "string" + "type": "string", + "enum": [ + "name", + "created_at" + ] }, "page": { "type": "integer" @@ -16010,7 +16034,6 @@ const docTemplate = `{ "dto.DatabaseUpdate": { "type": "object", "required": [ - "password", "type", "username", "version" @@ -17079,6 +17102,8 @@ const docTemplate = `{ "type": "object", "required": [ "database", + "order", + "orderBy", "page", "pageSize" ], @@ -17090,10 +17115,19 @@ const docTemplate = `{ "type": "string" }, "order": { - "type": "string" + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] }, "orderBy": { - "type": "string" + "type": "string", + "enum": [ + "name", + "created_at" + ] }, "page": { "type": "integer" @@ -17527,6 +17561,8 @@ const docTemplate = `{ "dto.PageContainer": { "type": "object", "required": [ + "order", + "orderBy", "page", "pageSize", "state" @@ -17542,10 +17578,20 @@ const docTemplate = `{ "type": "string" }, "order": { - "type": "string" + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] }, "orderBy": { - "type": "string" + "type": "string", + "enum": [ + "name", + "status", + "created_at" + ] }, "page": { "type": "integer" @@ -17568,6 +17614,42 @@ const docTemplate = `{ } } }, + "dto.PageCronjob": { + "type": "object", + "required": [ + "order", + "orderBy", + "page", + "pageSize" + ], + "properties": { + "info": { + "type": "string" + }, + "order": { + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] + }, + "orderBy": { + "type": "string", + "enum": [ + "name", + "status", + "created_at" + ] + }, + "page": { + "type": "integer" + }, + "pageSize": { + "type": "integer" + } + } + }, "dto.PageInfo": { "type": "object", "required": [ @@ -17810,6 +17892,8 @@ const docTemplate = `{ "type": "object", "required": [ "database", + "order", + "orderBy", "page", "pageSize" ], @@ -17821,10 +17905,19 @@ const docTemplate = `{ "type": "string" }, "order": { - "type": "string" + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] }, "orderBy": { - "type": "string" + "type": "string", + "enum": [ + "name", + "created_at" + ] }, "page": { "type": "integer" @@ -18415,12 +18508,6 @@ const docTemplate = `{ "info": { "type": "string" }, - "order": { - "type": "string" - }, - "orderBy": { - "type": "string" - }, "page": { "type": "integer" }, @@ -18643,6 +18730,9 @@ const docTemplate = `{ }, "id": { "type": "integer" + }, + "secret": { + "type": "string" } } }, @@ -18678,6 +18768,9 @@ const docTemplate = `{ }, "reDownload": { "type": "boolean" + }, + "secret": { + "type": "string" } } }, @@ -19472,6 +19565,9 @@ const docTemplate = `{ "detailId": { "type": "integer" }, + "dockerCompose": { + "type": "string" + }, "forceDelete": { "type": "boolean" }, @@ -19689,6 +19785,9 @@ const docTemplate = `{ "replace": { "type": "boolean" }, + "secret": { + "type": "string" + }, "type": { "type": "string" } @@ -19751,6 +19850,9 @@ const docTemplate = `{ "path": { "type": "string" }, + "secret": { + "type": "string" + }, "type": { "type": "string" } @@ -21449,7 +21551,6 @@ const docTemplate = `{ "request.WebsiteSSLUpdate": { "type": "object", "required": [ - "acmeAccountId", "id", "primaryDomain", "provider" @@ -21541,6 +21642,8 @@ const docTemplate = `{ "request.WebsiteSearch": { "type": "object", "required": [ + "order", + "orderBy", "page", "pageSize" ], @@ -21549,10 +21652,21 @@ const docTemplate = `{ "type": "string" }, "order": { - "type": "string" + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] }, "orderBy": { - "type": "string" + "type": "string", + "enum": [ + "primary_domain", + "type", + "status", + "created_at" + ] }, "page": { "type": "integer"
cmd/server/docs/swagger.json+173 −59 modified@@ -235,43 +235,6 @@ } } }, - "/apps/installed/:appInstallId/versions": { - "get": { - "security": [ - { - "ApiKeyAuth": [] - } - ], - "description": "通过 install id 获取应用更新版本", - "consumes": [ - "application/json" - ], - "tags": [ - "App" - ], - "summary": "Search app update version by install id", - "parameters": [ - { - "type": "integer", - "description": "request", - "name": "appInstallId", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "array", - "items": { - "$ref": "#/definitions/dto.AppVersion" - } - } - } - } - } - }, "/apps/installed/check": { "post": { "security": [ @@ -770,6 +733,43 @@ } } }, + "/apps/installed/update/versions": { + "post": { + "security": [ + { + "ApiKeyAuth": [] + } + ], + "description": "通过 install id 获取应用更新版本", + "consumes": [ + "application/json" + ], + "tags": [ + "App" + ], + "summary": "Search app update version by install id", + "parameters": [ + { + "type": "integer", + "description": "request", + "name": "appInstallId", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/dto.AppVersion" + } + } + } + } + } + }, "/apps/search": { "post": { "security": [ @@ -3629,7 +3629,7 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/dto.SearchWithPage" + "$ref": "#/definitions/dto.PageCronjob" } } ], @@ -14605,6 +14605,9 @@ "detailId": { "type": "integer" }, + "dockerCompose": { + "type": "string" + }, "version": { "type": "string" } @@ -14843,8 +14846,7 @@ "dto.ChangeRedisPass": { "type": "object", "required": [ - "database", - "value" + "database" ], "properties": { "database": { @@ -14940,6 +14942,9 @@ "name": { "type": "string" }, + "secret": { + "type": "string" + }, "type": { "type": "string", "enum": [ @@ -14969,6 +14974,9 @@ "name": { "type": "string" }, + "secret": { + "type": "string" + }, "source": { "type": "string", "enum": [ @@ -15443,6 +15451,9 @@ "script": { "type": "string" }, + "secret": { + "type": "string" + }, "sourceDir": { "type": "string" }, @@ -15520,6 +15531,9 @@ "script": { "type": "string" }, + "secret": { + "type": "string" + }, "sourceDir": { "type": "string" }, @@ -15807,7 +15821,6 @@ "required": [ "from", "name", - "password", "type", "username", "version" @@ -15976,6 +15989,8 @@ "dto.DatabaseSearch": { "type": "object", "required": [ + "order", + "orderBy", "page", "pageSize" ], @@ -15984,10 +15999,19 @@ "type": "string" }, "order": { - "type": "string" + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] }, "orderBy": { - "type": "string" + "type": "string", + "enum": [ + "name", + "created_at" + ] }, "page": { "type": "integer" @@ -16003,7 +16027,6 @@ "dto.DatabaseUpdate": { "type": "object", "required": [ - "password", "type", "username", "version" @@ -17072,6 +17095,8 @@ "type": "object", "required": [ "database", + "order", + "orderBy", "page", "pageSize" ], @@ -17083,10 +17108,19 @@ "type": "string" }, "order": { - "type": "string" + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] }, "orderBy": { - "type": "string" + "type": "string", + "enum": [ + "name", + "created_at" + ] }, "page": { "type": "integer" @@ -17520,6 +17554,8 @@ "dto.PageContainer": { "type": "object", "required": [ + "order", + "orderBy", "page", "pageSize", "state" @@ -17535,10 +17571,20 @@ "type": "string" }, "order": { - "type": "string" + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] }, "orderBy": { - "type": "string" + "type": "string", + "enum": [ + "name", + "status", + "created_at" + ] }, "page": { "type": "integer" @@ -17561,6 +17607,42 @@ } } }, + "dto.PageCronjob": { + "type": "object", + "required": [ + "order", + "orderBy", + "page", + "pageSize" + ], + "properties": { + "info": { + "type": "string" + }, + "order": { + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] + }, + "orderBy": { + "type": "string", + "enum": [ + "name", + "status", + "created_at" + ] + }, + "page": { + "type": "integer" + }, + "pageSize": { + "type": "integer" + } + } + }, "dto.PageInfo": { "type": "object", "required": [ @@ -17803,6 +17885,8 @@ "type": "object", "required": [ "database", + "order", + "orderBy", "page", "pageSize" ], @@ -17814,10 +17898,19 @@ "type": "string" }, "order": { - "type": "string" + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] }, "orderBy": { - "type": "string" + "type": "string", + "enum": [ + "name", + "created_at" + ] }, "page": { "type": "integer" @@ -18408,12 +18501,6 @@ "info": { "type": "string" }, - "order": { - "type": "string" - }, - "orderBy": { - "type": "string" - }, "page": { "type": "integer" }, @@ -18636,6 +18723,9 @@ }, "id": { "type": "integer" + }, + "secret": { + "type": "string" } } }, @@ -18671,6 +18761,9 @@ }, "reDownload": { "type": "boolean" + }, + "secret": { + "type": "string" } } }, @@ -19465,6 +19558,9 @@ "detailId": { "type": "integer" }, + "dockerCompose": { + "type": "string" + }, "forceDelete": { "type": "boolean" }, @@ -19682,6 +19778,9 @@ "replace": { "type": "boolean" }, + "secret": { + "type": "string" + }, "type": { "type": "string" } @@ -19744,6 +19843,9 @@ "path": { "type": "string" }, + "secret": { + "type": "string" + }, "type": { "type": "string" } @@ -21442,7 +21544,6 @@ "request.WebsiteSSLUpdate": { "type": "object", "required": [ - "acmeAccountId", "id", "primaryDomain", "provider" @@ -21534,6 +21635,8 @@ "request.WebsiteSearch": { "type": "object", "required": [ + "order", + "orderBy", "page", "pageSize" ], @@ -21542,10 +21645,21 @@ "type": "string" }, "order": { - "type": "string" + "type": "string", + "enum": [ + "null", + "ascending", + "descending" + ] }, "orderBy": { - "type": "string" + "type": "string", + "enum": [ + "primary_domain", + "type", + "status", + "created_at" + ] }, "page": { "type": "integer"
cmd/server/docs/swagger.yaml+118 −32 modified@@ -48,6 +48,8 @@ definitions: properties: detailId: type: integer + dockerCompose: + type: string version: type: string type: object @@ -213,7 +215,6 @@ definitions: type: string required: - database - - value type: object dto.Clean: properties: @@ -269,6 +270,8 @@ definitions: type: string name: type: string + secret: + type: string type: enum: - app @@ -289,6 +292,8 @@ definitions: type: string name: type: string + secret: + type: string source: enum: - OSS @@ -611,6 +616,8 @@ definitions: type: integer script: type: string + secret: + type: string sourceDir: type: string spec: @@ -663,6 +670,8 @@ definitions: type: integer script: type: string + secret: + type: string sourceDir: type: string spec: @@ -891,7 +900,6 @@ definitions: required: - from - name - - password - type - username - version @@ -974,8 +982,15 @@ definitions: info: type: string order: + enum: + - "null" + - ascending + - descending type: string orderBy: + enum: + - name + - created_at type: string page: type: integer @@ -984,6 +999,8 @@ definitions: type: type: string required: + - order + - orderBy - page - pageSize type: object @@ -1016,7 +1033,6 @@ definitions: version: type: string required: - - password - type - username - version @@ -1721,15 +1737,24 @@ definitions: info: type: string order: + enum: + - "null" + - ascending + - descending type: string orderBy: + enum: + - name + - created_at type: string page: type: integer pageSize: type: integer required: - database + - order + - orderBy - page - pageSize type: object @@ -2024,8 +2049,16 @@ definitions: name: type: string order: + enum: + - "null" + - ascending + - descending type: string orderBy: + enum: + - name + - status + - created_at type: string page: type: integer @@ -2043,10 +2076,38 @@ definitions: - dead type: string required: + - order + - orderBy - page - pageSize - state type: object + dto.PageCronjob: + properties: + info: + type: string + order: + enum: + - "null" + - ascending + - descending + type: string + orderBy: + enum: + - name + - status + - created_at + type: string + page: + type: integer + pageSize: + type: integer + required: + - order + - orderBy + - page + - pageSize + type: object dto.PageInfo: properties: page: @@ -2217,15 +2278,24 @@ definitions: info: type: string order: + enum: + - "null" + - ascending + - descending type: string orderBy: + enum: + - name + - created_at type: string page: type: integer pageSize: type: integer required: - database + - order + - orderBy - page - pageSize type: object @@ -2614,10 +2684,6 @@ definitions: properties: info: type: string - order: - type: string - orderBy: - type: string page: type: integer pageSize: @@ -2766,6 +2832,8 @@ definitions: type: string id: type: integer + secret: + type: string required: - defaultDownload - from @@ -2790,6 +2858,8 @@ definitions: type: boolean reDownload: type: boolean + secret: + type: string required: - id type: object @@ -3312,6 +3382,8 @@ definitions: type: boolean detailId: type: integer + dockerCompose: + type: string forceDelete: type: boolean installId: @@ -3454,6 +3526,8 @@ definitions: type: string replace: type: boolean + secret: + type: string type: type: string required: @@ -3496,6 +3570,8 @@ definitions: type: string path: type: string + secret: + type: string type: type: string required: @@ -4677,7 +4753,6 @@ definitions: skipDNS: type: boolean required: - - acmeAccountId - id - primaryDomain - provider @@ -4709,8 +4784,17 @@ definitions: name: type: string order: + enum: + - "null" + - ascending + - descending type: string orderBy: + enum: + - primary_domain + - type + - status + - created_at type: string page: type: integer @@ -4719,6 +4803,8 @@ definitions: websiteGroupId: type: integer required: + - order + - orderBy - page - pageSize type: object @@ -5364,29 +5450,6 @@ paths: formatEN: Install app [appKey]-[name] formatZH: 安装应用 [appKey]-[name] paramKeys: [] - /apps/installed/:appInstallId/versions: - get: - consumes: - - application/json - description: 通过 install id 获取应用更新版本 - parameters: - - description: request - in: path - name: appInstallId - required: true - type: integer - responses: - "200": - description: OK - schema: - items: - $ref: '#/definitions/dto.AppVersion' - type: array - security: - - ApiKeyAuth: [] - summary: Search app update version by install id - tags: - - App /apps/installed/check: post: consumes: @@ -5702,6 +5765,29 @@ paths: formatEN: Sync the list of installed apps formatZH: 同步已安装应用列表 paramKeys: [] + /apps/installed/update/versions: + post: + consumes: + - application/json + description: 通过 install id 获取应用更新版本 + parameters: + - description: request + in: path + name: appInstallId + required: true + type: integer + responses: + "200": + description: OK + schema: + items: + $ref: '#/definitions/dto.AppVersion' + type: array + security: + - ApiKeyAuth: [] + summary: Search app update version by install id + tags: + - App /apps/search: post: consumes: @@ -7517,7 +7603,7 @@ paths: name: request required: true schema: - $ref: '#/definitions/dto.SearchWithPage' + $ref: '#/definitions/dto.PageCronjob' responses: "200": description: OK
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- github.com/advisories/GHSA-5grx-v727-qmq6ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-39907ghsaADVISORY
- github.com/1Panel-dev/1Panel/commit/ff549a47937c1314e6ee08453a1d2128242440cdghsaWEB
- github.com/1Panel-dev/1Panel/security/advisories/GHSA-5grx-v727-qmq6ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.