GHSA-77x4-55q7-4vmj

Опубликовано: 22 апр. 2024

Источник: github

Github: Прошло ревью

CVSS3: 5.3

Описание

Apache HugeGraph-Hubble: SSRF in Hubble connection page

Server-Side Request Forgery (SSRF) vulnerability in Apache HugeGraph-Hubble. This issue affects Apache HugeGraph-Hubble: from 1.0.0 before 1.3.0.

Users are recommended to upgrade to version 1.3.0, which fixes the issue.

Ссылки

Пакеты

Наименование

org.apache.hugegraph:hugegraph-hubble

maven

Затронутые версииВерсия исправления

>= 1.0.0, < 1.3.0

1.3.0

EPSS

Процентиль: 70%

0.00644

Низкий

5.3 Medium

CVSS3

CVE ID

CVE-2024-27347

Дефекты

CWE-918

Связанные уязвимости

CVE-2024-27347

CVSS3: 5.3

nvd

почти 2 года назад

Server-Side Request Forgery (SSRF) vulnerability in Apache HugeGraph-Hubble.This issue affects Apache HugeGraph-Hubble: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.

EPSS

Процентиль: 70%

0.00644

Низкий

5.3 Medium

CVSS3

CVE ID

CVE-2024-27347

Дефекты

CWE-918