4 matches found
br.com.zup.beagle:beagle-micronaut-starter (>=1.1.0 <=2.1.0), com.bertramlabs.plugins:asset-pipeline-micronaut (>=3.0.7 <=4.3.0) +40 more potentially affected by CVE-2024-23639 via io.micronaut:micronaut-http-server-netty (>=1.0.1 <=3.8.0)
io.micronaut:micronaut-http-server-netty MAVEN version =1.0.1, =1.1.0, =3.0.7, =1.3.0, =3.1.1, =0.99.0, =1.3.12, =0.1.0, =0.1.0, =1.0.6, =1.0.0, =3.2.0 - io.micronaut.example:micronaut-graphql-example-chat =1.4.0 - io.micronaut.example:micronaut-graphql-example-hello-world-groovy =1.4.0 -...
br.com.zup.beagle:beagle-micronaut-starter (>=1.1.0 <=2.1.0), com.agorapulse:gru-micronaut (>=0.9.1 <=1.4.0) +169 more potentially affected by CVE-2024-23639 via io.micronaut:micronaut-http-server (>=1.0.0 <=3.8.2)
io.micronaut:micronaut-http-server MAVEN version =1.0.0, =1.1.0, =0.9.1, =1.0.0-micronaut-1.0, =3.0.7, =1.3.0, =0.1.0, =3.1.1, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.2.0 - com.pulsarix.micronaut:micronaut-security-attributes =1.0.0 and more Source cves: CVE-2024-23639 Source...
CVE-2024-23639
creationtimestamp| type| source ---|---|--- 2024-02-09 02:26:28+00:00| seen| https://t.me/ctinow/181770 2024-02-11 15:04:27+00:00| seen| https://t.me/arpsyndicate/3416 2024-03-02 16:46:35+00:00| seen| https://t.me/ctinow/198412...
CVE-2024-23639
Affected product: Micronaut Framework (micronaut-core). Vulnerability: Enabled but unsecured management endpoints allow drive-by localhost attacks when a malicious site issues HTTP requests to localhost, potentially bypassing CORS checks for some simple requests. Impact: Local development environ...