Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 8:16 a.m.5 views

CVE-2024-36471

Import functionality is vulnerable to DNS rebinding attacks between verification and processing of the URL. Project administrators can run these imports, which could cause Allura to read from internal services and expose them. This issue affects Apache Allura from 1.0.1 through 1.16.0. Users are...

7.5CVSS6.7AI score0.0075EPSS
Exploits0References1
nvd
nvd
added 2024/06/10 10:15 p.m.32 views

CVE-2024-36471

Import functionality is vulnerable to DNS rebinding attacks between verification and processing of the URL. Project administrators can run these imports, which could cause Allura to read from internal services and expose them. This issue affects Apache Allura from 1.0.1 through 1.16.0. Users are...

7.5CVSS0.0075EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/06/10 9:55 p.m.18 views

CVE-2024-36471 Apache Allura: sensitive information exposure via DNS rebinding

Import functionality is vulnerable to DNS rebinding attacks between verification and processing of the URL. Project administrators can run these imports, which could cause Allura to read from internal services and expose them. This issue affects Apache Allura from 1.0.1 through 1.16.0. Users are...

7AI score0.0075EPSS
Exploits0References1
cvelist
cvelist
added 2024/06/10 9:55 p.m.25 views

CVE-2024-36471 Apache Allura: sensitive information exposure via DNS rebinding

Import functionality is vulnerable to DNS rebinding attacks between verification and processing of the URL. Project administrators can run these imports, which could cause Allura to read from internal services and expose them. This issue affects Apache Allura from 1.0.1 through 1.16.0. Users are...

0.0075EPSS
Exploits0References1
osv
osv
added 2024/06/10 9:55 p.m.6 views

CVE-2024-36471 Apache Allura: sensitive information exposure via DNS rebinding

Import functionality is vulnerable to DNS rebinding attacks between verification and processing of the URL. Project administrators can run these imports, which could cause Allura to read from internal services and expose them. This issue affects Apache Allura from 1.0.1 through 1.16.0. Users are...

7.5CVSS5.9AI score0.0075EPSS
Exploits0References4
Rows per page
Query Builder