CVE•Published 2024-12-10•Modified 2026-04-15•1 article on news•7 live references•NVD data
CVE-2024-21542
Vulnerability data via NVD (ingested)
CVSS v3.1
8.6
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
EPSS percentile
94
Exploit Prediction Scoring System · top 6% of all CVEs
Weaknesses (CWE)
Description
Versions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) due to improper destination file path validation in the _extract_packages_archive function.
Timeline
Published 2024-12-10
Modified 2026-04-15
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
More intel sources (5)
Shodan report
vuln:CVE-2024-21542Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2024-21542Censys host search filtered to this CVE id.
grep.app
CVE-2024-21542Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2024-21542GitHub code search for direct mentions.
Google dork
"CVE-2024-21542" exploit -site:nvd.nist.govWrite-ups and news, NVD excluded.
Known PoCs on GitHub (5)
CVE-2024-215425 repos
chnzzh/iDRAC-CVE-libunknown
CVEs for Integrated Dell Remote Access Controller (iDRAC)
hiifong/starListPython
Export your star's repository list
Executioner1939/awesome-engineering-researchPython
Interesting Books, Articles and Videos
sunlei/awesome-starsPython
My GitHub stars.
L3ster1337/Poc-CVE-2024-21542Python