cartoview (>=1.8.2 <=1.8.4) potentially affected by CVE-2023-26043 via geonode (>=2.10.4 <=2.8.1)

geonode PYPI version =2.10.4, =1.8.2, =1.8.4 Source cves: CVE-2023-26043 Source advisory: OSV:GHSA-MCMC-C59M-PQQ8...

PT-2023-28341 · Geonode · Geonode

Name of the Vulnerable Software and Affected Versions: GeoNode versions 3.2.0 through 4.1.3 Description: A SSRF vulnerability exists, bypassing existing controls on the software. This can allow a user to request internal services for a full read SSRF, returning any data from the internal network...