Security Advisory

CVE-2025-24354

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-27 17:23:58

Last updated 2025-02-12 20:41:35

Assigner GitHub_M

State PUBLISHED

Description

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2.

← Browse all CVEs View on cve.org ↗