CVE-2024-27347

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-27347
Server-Side Request Forgery (SSRF) vulnerability in Apache HugeGraph-Hubble.This issue affects Apache HugeGraph-Hubble: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
http://www.openwall.com/lists/oss-security/2024/04/22/2 Mailing List Third Party Advisory
https://lists.apache.org/thread/z0v71148slfkw60hsp35pl7ddjyvg01l Mailing List Vendor Advisory
http://www.openwall.com/lists/oss-security/2024/04/22/2 Mailing List Third Party Advisory
https://lists.apache.org/thread/z0v71148slfkw60hsp35pl7ddjyvg01l Mailing List Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:hugegraph-hubble:*:*:*:*:*:*:*:*
History

30 Jun 2025, 13:41

Type Values Removed Values Added
CPE cpe:2.3:a:apache:hugegraph-hubble:*:*:*:*:*:*:*:*
First Time Apache hugegraph-hubble
Apache
References () http://www.openwall.com/lists/oss-security/2024/04/22/2 - () http://www.openwall.com/lists/oss-security/2024/04/22/2 - Mailing List, Third Party Advisory
References () https://lists.apache.org/thread/z0v71148slfkw60hsp35pl7ddjyvg01l - () https://lists.apache.org/thread/z0v71148slfkw60hsp35pl7ddjyvg01l - Mailing List, Vendor Advisory

13 Feb 2025, 18:17

Type Values Removed Values Added
Summary (en) Server-Side Request Forgery (SSRF) vulnerability in Apache HugeGraph-Hubble.This issue affects Apache HugeGraph-Hubble: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue. (en) Server-Side Request Forgery (SSRF) vulnerability in Apache HugeGraph-Hubble.This issue affects Apache HugeGraph-Hubble: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.

21 Nov 2024, 09:04

Type Values Removed Values Added
References () http://www.openwall.com/lists/oss-security/2024/04/22/2 - () http://www.openwall.com/lists/oss-security/2024/04/22/2 -
References () https://lists.apache.org/thread/z0v71148slfkw60hsp35pl7ddjyvg01l - () https://lists.apache.org/thread/z0v71148slfkw60hsp35pl7ddjyvg01l -

03 Jul 2024, 01:50

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.3

01 May 2024, 17:15

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de Server-Side Request Forgery (SSRF) en Apache HugeGraph-Hubble. Este problema afecta a Apache HugeGraph-Hubble: desde 1.0.0 antes de 1.3.0. Se recomienda a los usuarios actualizar a la versión 1.3.0, que soluciona el problema.
References
  • () http://www.openwall.com/lists/oss-security/2024/04/22/2 -

22 Apr 2024, 14:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-22 14:15

Updated : 2025-06-30 13:41

NVD link : CVE-2024-27347

Mitre link : CVE-2024-27347

CVE.ORG link : CVE-2024-27347

JSON object : View

Products Affected

apache

  • hugegraph-hubble
CWE
CWE-918

Server-Side Request Forgery (SSRF)