Количество 2
Количество 2
CVE-2023-40017
GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. In versions 3.2.0 through 4.1.2, the endpoint `/proxy/?url=` does not properly protect against server-side request forgery. This allows an attacker to port scan internal hosts and request information from internal hosts. A patch is available at commit a9eebae80cb362009660a1fd49e105e7cdb499b9.
GHSA-rmxg-6qqf-x8mr
GeoNode Server Side Request forgery
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-40017 GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. In versions 3.2.0 through 4.1.2, the endpoint `/proxy/?url=` does not properly protect against server-side request forgery. This allows an attacker to port scan internal hosts and request information from internal hosts. A patch is available at commit a9eebae80cb362009660a1fd49e105e7cdb499b9. | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
| GHSA-rmxg-6qqf-x8mr GeoNode Server Side Request forgery | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу