CVE-2024-47049 | czim file-handling package up to 1.4.x/2.2.x makeFromUrl/makeFromAny server-side request forgery

Inserito da Angelo Barbosa | Set 17, 2024 | CVE

A vulnerability was found in czim file-handling package up to 1.4.x/2.2.x. It has been classified as critical. This affects the function makeFromUrl/makeFromAny. The manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2024-47049. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47049 | czim file-handling package up to 1.4.x/2.2.x makeFromUrl/makeFromAny server-side request forgery

Post correlati

CVE-2023-7055 | PHPGurukul Online Notes Sharing System 1.0 Contact Information /user/profile.php mobilenumber access control

CVE-2023-6616 | SourceCodester Simple Student Attendance System 1.0 index.php page cross site scripting

CVE-2024-24767 | IceWhaleTech CasaOS-UserService excessive authentication

CVE-2023-47265 | Apache Airflow up to 2.7.3 Parameter description cross site scripting