'[oss-security] CVE-2024-27347: Apache HugeGraph-Hubble: SSRF in Hubble connection page'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2024-27347: Apache HugeGraph-Hubble: SSRF in Hubble connection page
From:       Imba Jin <jin () apache ! org>
Date:       2024-04-22 7:13:19
Message-ID: 218c768c-8ee5-7196-4263-9fc356158d99 () apache ! org
[Download RAW message or body]

Severity: moderate

Affected versions:

- Apache HugeGraph-Hubble 1.0.0 before 1.3.0

Description:

Server-Side Request Forgery (SSRF) vulnerability in Apache HugeGraph-Hubble.This issue affects \
Apache HugeGraph-Hubble: from 1.0.0 before 1.3.0.

Users are recommended to upgrade to version 1.3.0, which fixes the issue.

Credit:

6right of moresec (reporter)

References:

https://hugegraph.incubator.apache.org
https://www.cve.org/CVERecord?id=CVE-2024-27347

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic