admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-120xx/CVE-2024-12068.json
cad-safe-bot 45c9d5d76c Auto-Update: 2025-03-23T03:00:20.104511+00:00
2025-03-23 03:03:54 +00:00

60 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-12068",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:27.000",
"lastModified": "2025-03-20T10:15:27.000",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting version git c121f04. This vulnerability allows an attacker to make the server perform HTTP requests to arbitrary URLs, potentially accessing sensitive data that is only accessible from the server, such as AWS metadata credentials."
},
{
"lang": "es",
"value": "Se descubri\u00f3 una vulnerabilidad de Server-Side Request Forgery (SSRF) en haotian-liu/llava, que afecta a la versi\u00f3n git c121f04. Esta vulnerabilidad permite a un atacante obligar al servidor a realizar solicitudes HTTP a URL arbitrarias, lo que podr\u00eda permitir el acceso a datos confidenciales a los que solo se puede acceder desde el servidor, como las credenciales de metadatos de AWS."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/9d0b908d-63cd-4d62-91ff-6ceef3183752",
"source": "security@huntr.dev"
}
]
}
Reference in New Issue View Git Blame Copy Permalink