Lucene search
K

4 matches found

CVE
CVE
added 2024/11/26 6:25 p.m.100 views

CVE-2024-32965

CVE-2024-32965 concerns Lobe Chat (lobe-chat) before version 1.19.13, with an unauthenticated SSRF vulnerability. The issue allows constructing malicious requests that trigger SSRF to internal services, potentially leaking sensitive information. The weakness is tied to the proxy address and OpenA...

8.6CVSS8AI score0.23896EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/26 6:25 p.m.19 views

CVE-2024-32965 ssrf vulnerability in lobe-chat

Lobe Chat is an open-source, AI chat framework. Versions of lobe-chat prior to 1.19.13 have an unauthorized ssrf vulnerability. An attacker can construct malicious requests to cause SSRF without logging in, attack intranet services, and leak sensitive information. The jwt token header...

8.1CVSS6.7AI score0.23896EPSS
Exploits1References2
OSV
OSV
added 2024/11/26 6:25 p.m.17 views

CVE-2024-32965 ssrf vulnerability in lobe-chat

Lobe Chat is an open-source, AI chat framework. Versions of lobe-chat prior to 1.19.13 have an unauthorized ssrf vulnerability. An attacker can construct malicious requests to cause SSRF without logging in, attack intranet services, and leak sensitive information. The jwt token header...

8.1CVSS6.4AI score0.23896EPSS
Exploits1References4
Circl
Circl
added 2024/11/26 4:52 a.m.6 views

CVE-2024-32965

creationtimestamp| type| source ---|---|--- 2024-11-26 04:52:57+00:00| published-proof-of-concept| https://github.com/lobehub/lobehub/security/advisories/GHSA-2xcc-vm3f-m8rw 2024-11-26 18:37:04+00:00| seen| https://infosec.exchange/users/cve/statuses/113550702902794180...

8.6CVSS5.7AI score0.23896EPSS
Exploits1References2
Rows per page
Query Builder