A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise.

Related CVEs

CVE-2024-4177

Key Information

GHSA ID

GHSA-g5m9-q65c-x6m4

Published

June 6, 2024 9:30 AM

Last Modified

June 11, 2024 6:30 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 7, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.