CVE-2024-27347 | Apache HugeGraph-Hubble up to 1.2.x Hubble Connection Page server-side request forgery

Posted by Angelo Barbosa | Apr 22, 2024 | CVE

A vulnerability has been found in Apache HugeGraph-Hubble up to 1.2.x and classified as critical. Affected by this vulnerability is an unknown functionality of the component Hubble Connection Page. The manipulation leads to server-side request forgery.

This vulnerability is known as CVE-2024-27347. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-27347 | Apache HugeGraph-Hubble up to 1.2.x Hubble Connection Page server-side request forgery

Related Posts

CVE-2024-51522 | Huawei HarmonyOS 5.0.0 Device Management Module information management

CVE-2024-41021 | Linux Kernel up to 6.9.11/6.10.1 VM_FAULT_HWPOISON do_exception memory corruption (9e13767ccefd/a3aefb871222/df39038cd895)

CVE-2023-28899 | Škoda Superb III up to 2022 OBDII Port denial of service

CVE-2024-0793 | kube-controller-manager HPA v1 Manifest denial of service