CVE-2024-33117

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-33117

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-33117.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-33117

Published

2024-05-06T20:15:10Z

Modified

2025-06-12T04:04:51.675186Z

Summary

[none]

Details

crmeb_java v1.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the mergeList method in class com.zbkj.front.pub.ImageMergeController.

References

https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/33117.txt

Affected packages

Git / github.com/crmeb/crmeb_java

Affected ranges

Type: GIT
Repo: https://github.com/crmeb/crmeb_java
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

d3b93d20fd624f587b6fc9ffcb26c3f2ec5ae0e3

Affected versions

v1.*

v1.3.4