CVE-2024-12840

Опубликовано: 20 дек. 2024

Источник: nvd

Описание

Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. The problem described was inteded behavior and therefore not a bug.

Связанные уязвимости

GHSA-r5vc-6528-fgf9

CVSS3: 5

github

около 1 года назад

A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with the http_proxies variable set to localhost, the attacker can fetch the localhost banner.