Appwrite <= v1.4.13 is affected by a Server-Side Request Forgery (SSRF) via the '/v1/avatars/favicon' endpoint due to an incomplete fix of CVE-2023-27159.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: tenable

Published: 2024-01-30T09:20:26.210Z

Updated: 2024-08-01T18:26:30.422Z

Reserved: 2024-01-30T08:48:25.261Z

Link: CVE-2024-1063

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-30T10:15:09.267

Modified: 2024-11-21T08:49:42.713

Link: CVE-2024-1063

cve-icon Redhat

No data.