CVE-2024-12450

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-12450

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-12450.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-12450

Published

2025-03-20T10:15:28Z

Modified

2025-04-04T10:47:43.904212Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In infiniflow/ragflow versions 0.12.0, the web_crawl function in document_app.py contains multiple vulnerabilities. The function does not filter URL parameters, allowing attackers to exploit Full Read SSRF by accessing internal network addresses and viewing their content through the generated PDF files. Additionally, the lack of restrictions on the file protocol enables Arbitrary File Read, allowing attackers to read server files. Furthermore, the use of an outdated Chromium headless version with --no-sandbox mode enabled makes the application susceptible to Remote Code Execution (RCE) via known Chromium v8 vulnerabilities. These issues are resolved in version 0.14.0.

References

Affected packages

Git / github.com/infiniflow/ragflow

Affected ranges

Type: GIT
Repo: https://github.com/infiniflow/ragflow
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3faae0b2c2f8a26233ee1442ba04874b3406f6e9

Affected versions

v0.*

v0.1.0

v0.10.0

v0.11.0

v0.12.0

v0.13.0

v0.2.0

v0.3.0

v0.3.1

v0.3.2

v0.4.0

v0.5.0

v0.6.0

v0.7.0

v0.8.0

v0.9.0