CVE-2024-5885
Server-Side Request Forgery (SSRF) in stangirard/quivr
stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The application does not provide sufficient controls when crawling a website, allowing an attacker to access applications on the local network. This vulnerability could allow a malicious user to gain access to internal servers, the AWS metadata endpoint, and capture Supabase data.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Produtos afetados
stangirard · stangirard/quivrQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →