VYPR
Critical severity10.0OSV Advisory· Published Dec 30, 2024· Updated Apr 15, 2026

CVE-2024-56799

CVE-2024-56799

Description

Simofa is a tool to help automate static website building and deployment. Prior to version 0.2.7, due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they should require authentication. This vulnerability has been patched in v0.2.7.

Affected products

2
  • Truewinter/SimofaOSV2 versions
    v0.0.1, v0.0.10, v0.0.11, …+ 1 more
    • (no CPE)range: v0.0.1, v0.0.10, v0.0.11, …
    • (no CPE)range: <0.2.7

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.