CVE-2024-32871: Flooding Server with Thumbnail files
All Pimcore Instances are affected, as far as we can see, also all versions
References
- github.com/advisories/GHSA-277c-5vvj-9pwx
- github.com/pimcore/pimcore
- github.com/pimcore/pimcore/commit/38af70b3130f16fc27f2aea34e2943d7bdaaba06
- github.com/pimcore/pimcore/commit/a6821a16ea38086bf6012e682e1743488244bd85
- github.com/pimcore/pimcore/security/advisories/GHSA-277c-5vvj-9pwx
- nvd.nist.gov/vuln/detail/CVE-2024-32871
Code Behaviors & Features
Detect and mitigate CVE-2024-32871 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →