Lucene search

CVE-2024-39899

🗓️ 09 Jul 2024 19:13:15Reported by GitHub_MType

PrivateBin v1.5 introduces YOURLS server-side proxy, allowing anyone to shorten any URL, defeating the proxy's limit. Fixed in v1.7.4

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
osv	GHSA-MQQJ-FX8H-437J PrivateBin allows shortening of URLs for other domains	10 Jul 202414:25	–	osv
osv	CVE-2024-39899	9 Jul 202419:15	–	osv
cvelist	CVE-2024-39899 PrivateBin allows shortening of URLs for other domains	9 Jul 202418:57	–	cvelist
github	PrivateBin allows shortening of URLs for other domains	10 Jul 202414:25	–	github
veracode	Authorization Bypass	11 Jul 202406:16	–	veracode
vulnrichment	CVE-2024-39899 PrivateBin allows shortening of URLs for other domains	9 Jul 202418:57	–	vulnrichment
nvd	CVE-2024-39899	9 Jul 202419:15	–	nvd

Vulners

Vulnrichment

Node

privatebin privatebinRange1.5.0–1.7.4

[
  {
    "vendor": "PrivateBin",
    "product": "PrivateBin",
    "versions": [
      {
        "version": ">= 1.5.0, < 1.7.4",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/PrivateBin/PrivateBin/pull/1370
github	www.github.com/PrivateBin/PrivateBin/security/advisories/GHSA-mqqj-fx8h-437j
github	www.github.com/PrivateBin/PrivateBin/commit/0c4e810e6728f67d678458838d8430dfba4fcca4

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Jul 2024 19:15Current

5.2Medium risk

Vulners AI Score5.2

CVSS35.3

EPSS0.00047

SSVC