CVE-2025-24354 | imgproxy up to 3.27.1 server-side request forgery

Inserito da Angelo Barbosa | Gen 27, 2025 | CVE

A vulnerability was found in imgproxy up to 3.27.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to server-side request forgery.

This vulnerability is handled as CVE-2025-24354. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-24354 | imgproxy up to 3.27.1 server-side request forgery

Post correlati

CVE-2023-4818 | PAX Technology A920 USB input validation

CVE-2024-49619 | Acespritech Solutions Social Link Groups Plugin up to 1.1.0 on WordPress sql injection

CVE-2024-6871 | G Data Total Security permission (ZDI-24-1486)

CVE-2023-49607 | Mattermost up to 8.1.5/9.0.3/9.1.2/9.2.1 Playbook Plugin reminder unusual condition