CVE-2024-25294
REBUILD v3.5 contains an SSRF vulnerability in FileDownloader.java, proxyDownload, and URL parameters that allows remote attackers to obtain sensitive information and execute arbitrary code. CVSS 3.1 base score 9.1 (CRITICAL) with network access, no user interaction. Public sources across Red Hat...