CVE-2024-24806 | libuv up to 1.47.x src/unix/getaddrinfo.c uv_getaddrinfo server-side request forgery (GHSA-f74f-cvh7-c6q6)

Posted by Angelo Barbosa | Feb 8, 2024 | CVE

A vulnerability was found in libuv up to 1.47.x. It has been rated as critical. This issue affects the function uv_getaddrinfo of the file src/unix/getaddrinfo.c. The manipulation leads to server-side request forgery.

The identification of this vulnerability is CVE-2024-24806. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-24806 | libuv up to 1.47.x src/unix/getaddrinfo.c uv_getaddrinfo server-side request forgery (GHSA-f74f-cvh7-c6q6)

Related Posts

CVE-2024-33182 | Tenda AC18 15.03.3.10_EN addWifiMacFilter deviceId stack-based overflow

CVE-2024-36844 | libmodbus 3.1.6 Message use after free

CVE-2024-25187 | 71cms 1.0.0 getweather.html server-side request forgery

CVE-2024-20472 | Cisco Secure Firewall Management Center Software sql injection (cisco-sa-fmc-sql-inj-LOYAFcfq)