CVE-2024-46413
- EPSS 0.03%
- Veröffentlicht 25.08.2025 00:00:00
- Zuletzt bearbeitet 12.09.2025 20:19:34
Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex method.
CVE-2025-50900
- EPSS 0.36%
- Veröffentlicht 25.08.2025 00:00:00
- Zuletzt bearbeitet 09.10.2025 17:54:22
An issue was discovered in getrebuild/rebuild 4.0.4. The affected source code class is com.rebuild.web.RebuildWebInterceptor, and the affected function is preHandle In the filter code, use CodecUtils.urlDecode(request.getRequestURI()) to obtain the U...
CVE-2024-25294
- EPSS 1.2%
- Veröffentlicht 20.03.2024 21:15:30
- Zuletzt bearbeitet 17.06.2025 13:09:19
An SSRF issue in REBUILD v.3.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the FileDownloader.java, proxyDownload,URL parameters.
CVE-2023-2474
- EPSS 0.07%
- Veröffentlicht 02.05.2023 13:15:25
- Zuletzt bearbeitet 21.11.2024 07:58:41
A vulnerability has been found in Rebuild 3.2 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the pu...