Unrated severityNVD Advisory· Published Jun 27, 2024· Updated Aug 1, 2024
Server-Side Request Forgery (SSRF) in stangirard/quivr
CVE-2024-5885
Description
stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The application does not provide sufficient controls when crawling a website, allowing an attacker to access applications on the local network. This vulnerability could allow a malicious user to gain access to internal servers, the AWS metadata endpoint, and capture Supabase data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- stangirard/stangirard/quivrv5Range: unspecified
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.