vulnerability

SUSE: CVE-2025-24354: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Jan 27, 2025	Feb 3, 2025	Dec 5, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Jan 27, 2025

Added

Feb 3, 2025

Modified

Dec 5, 2025

Description

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2.

Solution

suse-upgrade-govulncheck-vulndb

References

CVE-2025-24354
https://attackerkb.com/topics/CVE-2025-24354
CWE-918

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today