6.4

CVE-2024-37157

Discourse vulnerable to Server-Side Request Forgery via FastImage

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch and version 3.3.0.beta4 on the `beta` and `tests-passed` branches, a malicious actor could get the FastImage library to redirect requests to an internal Discourse IP. This issue is patched in version 3.2.3 on the `stable` branch and version 3.3.0.beta4 on the `beta` and `tests-passed` branches. No known workarounds are available.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DiscourseDiscourse SwEditionstable Version < 3.2.3
DiscourseDiscourse SwEditionbeta Version < 3.3.0
DiscourseDiscourse Version3.3.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version3.3.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version3.3.0 Updatebeta3 SwEditionbeta
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.35% 0.264
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
security-advisories@github.com 6.4 1.6 4.7
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://github.com/discourse/discourse/commit/5b8cf11b69e05d5c058c1148ec69ec309491fa6e
Patch
https://github.com/discourse/discourse/commit/67e78086035cec494b15ce79342a0cb9052c2d95
Patch
https://github.com/discourse/discourse/security/advisories/GHSA-46pq-7958-fc68
Third Party Advisory