GHSA-j2hp-6m75-v4j4

Published: 27 Jan 2025
Source: github
GitHub: Reviewed
CVSS3: 5.3

Description

imgproxy is vulnerable to SSRF against 0.0.0.0

Summary

Imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host.

Details

imgproxy protects against SSRF to a loopback address with the following check (source):

```go
if !config.AllowLoopbackSourceAddresses && ip.IsLoopback() {
	return ErrSourceAddressNotAllowed
}
```

This check is insufficient to prevent access to services on the local host, because services may also receive traffic on 0.0.0.0. Go's IsLoopback (source) strictly follows the definition of loopback IPs as those beginning with 127, so 0.0.0.0 is not blocked.
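To make the gap concrete, here is an added Go example (not imgproxy's code and not its 3.27.2 patch) that reproduces the quoted loopback-only check beside an illustrative hardened variant; the hardened variant additionally rejects the unspecified address (0.0.0.0 and ::) via net.IP.IsUnspecified and is an assumption for illustration only.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// ErrSourceAddressNotAllowed mirrors the error name quoted in the advisory.
var ErrSourceAddressNotAllowed = errors.New("source address is not allowed")

// checkLoopbackOnly reproduces the check quoted in the advisory: only addresses
// that net.IP.IsLoopback reports (127.0.0.0/8 and ::1) are refused, so the
// unspecified address 0.0.0.0 passes even with loopback sources disallowed.
func checkLoopbackOnly(allowLoopback bool, ip net.IP) error {
	if !allowLoopback && ip.IsLoopback() {
		return ErrSourceAddressNotAllowed
	}
	return nil
}

// checkLoopbackAndUnspecified is an illustrative hardened variant (assumed here,
// not imgproxy's actual fix): it also refuses the unspecified address, which the
// host routes to local listeners just like a loopback address.
func checkLoopbackAndUnspecified(allowLoopback bool, ip net.IP) error {
	if !allowLoopback && (ip.IsLoopback() || ip.IsUnspecified()) {
		return ErrSourceAddressNotAllowed
	}
	return nil
}

func main() {
	// Constructed sample inputs: loopback, unspecified, and an ordinary public address.
	for _, s := range []string{"127.0.0.1", "::1", "0.0.0.0", "::", "93.184.216.34"} {
		ip := net.ParseIP(s)
		fmt.Printf("%-14s loopback-only: %v\thardened: %v\n",
			s, checkLoopbackOnly(false, ip), checkLoopbackAndUnspecified(false, ip))
	}
}
```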

Packages

| Name | Ecosystem | Affected versions | Fixed version |
|---|---|---|---|
| github.com/imgproxy/imgproxy | go | < 3.27.2 | 3.27.2 |

EPSS

Percentile: 84%
0.02217
Low

5.3 Medium

CVSS3

Weaknesses

CWE-918

Related vulnerabilities

CVSS3: 5.3
nvd
about 1 year ago

imgproxy is a server for resizing, processing, and converting images. imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2.

suse-cvrf
about 1 year ago

Security update for govulncheck-vulndb
