CVE-2024-5885

stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery SSRF vulnerability. The application does not provide sufficient controls when crawling a website, allowing an attacker to access applications on the local network. This vulnerability could allow a malicious user to gain acces...

PT-2023-32830 · Bitnami +4 · Mlflow +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A malicious user could use this issue to access internal HTTPs servers. In the worst case, such as an AWS instance, it could be abused to get a remote...