Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-55875 PoC — http4k 代码问题漏洞

Source
https://github.com/JAckLosingHeart/CVE-2024-55875
Associated Vulnerability
Title:http4k 代码问题漏洞 (CVE-2024-55875)
Description:http4k是http4k开源的一个轻量级但功能齐全的 HTTP 工具包。 http4k 5.41.0.0之前版本存在代码问题漏洞,该漏洞源于在处理请求中的恶意XML内容时存在潜在的XML外部实体注入漏洞,可能允许攻击者读取服务器上的本地敏感信息,触发服务器端请求伪造,甚至在某些情况下执行代码。
Description
CVE-2024-55875 | GHSA-7mj5-hjjj-8rgw | http4k first CVE
Readme
# CVE-2024-55875
CVE-2024-55875/GHSA-7mj5-hjjj-8rgw/http4k first CVE

POC -> https://github.com/http4k/http4k/security/advisories/GHSA-7mj5-hjjj-8rgw
File Snapshot

 [4.0K]  /data/pocs/6bf42bfc148e470a84cd5c6236e209a8dd1aafce
└── [ 150]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.