exploitDog

CVE-2024-42182

Опубликовано: 23 янв. 2025

Источник: nvd

CVSS3: 2.5

EPSS Низкий

Описание

BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. It may allow the application to download files from an internally hosted server on localhost.

Ссылки

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118565

EPSS

Процентиль: 5%

0.0002

Низкий

2.5 Low

CVSS3

Дефекты

CWE-918

Связанные уязвимости

GHSA-w55j-pf39-m7cj

CVSS3: 2.5

github

около 1 года назад

BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. It may allow the application to download files from an internally hosted server on localhost.

EPSS

Процентиль: 5%

0.0002

Низкий

2.5 Low

CVSS3

Дефекты

CWE-918