CVE-2024-47049 | czim file-handling package up to 1.4.x/2.2.x makeFromUrl/makeFromAny server-side request forgery
A vulnerability was found in czim file-handling package up to 1.4.x/2.2.x. It has been classified as critical. This affects the function makeFromUrl/makeFromAny. The manipulation leads to server-side request forgery.
This vulnerability is uniquely identified as CVE-2024-47049. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.