CVE-2024-37157 in Discourse情報

要約

〜によって MITRE • 2024年07月03日

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch and version 3.3.0.beta4 on the `beta` and `tests-passed` branches, a malicious actor could get the FastImage library to redirect requests to an internal Discourse IP. This issue is patched in version 3.2.3 on the `stable` branch and version 3.3.0.beta4 on the `beta` and `tests-passed` branches. No known workarounds are available.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

責任者

GitHub M

予約する

2024年06月03日

モデレーション

承諾済み

エントリ

VDB-270325

EPSS

0.00348

アクティビティ

非常低い

ソース

Want to know what is going to be exploited?

We predict KEV entries!