CVE-2025-24354

Published: 2025-01-27T18:15Z

Last Modified: 2025-01-27T18:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt