Bref enables serverless PHP on AWS Lambda, using the Event-Driven Function runtime with the `RequestHandlerInterface` to convert Lambda event to PSR7 object. Vulnerability in file handling allows attacker to fill Lambda instance disk. Patched in 2.1.13.
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
![]() | CVE-2024-24752 Bref Uploaded Files Not Deleted in Event-Driven Functions | 1 Feb 202416:10 | – | cvelist |
![]() | Denial Of Service (DoS) | 2 Feb 202408:47 | – | veracode |
![]() | Bref's Uploaded Files Not Deleted in Event-Driven Functions | 1 Feb 202420:53 | – | osv |
![]() | CVE-2024-24752 | 1 Feb 202416:17 | – | nvd |
![]() | Design/Logic Flaw | 1 Feb 202416:17 | – | prion |
![]() | Bref's Uploaded Files Not Deleted in Event-Driven Functions | 1 Feb 202420:53 | – | github |
![]() | CVE-2024-24752 Bref Uploaded Files Not Deleted in Event-Driven Functions | 1 Feb 202416:10 | – | vulnrichment |
![]() | CVE-2024-24752 | 1 Feb 202416:17 | – | cve |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo