The bug is tracked as CVE-2024-41730, and carries a severity score of 9.8 (critical).
“The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availability.”
This bug was introduced through a fix for a previous vulnerability, and is tracked as CVE-2024-29415.
It carries a severity score of 9.1.
With octal representation, the package erroneously recognizes 127.0.0.1 as a public and globally routable address.
Besides these two, SAP fixed another four high-severity vulnerabilities, with scores ranging from 7.4 to 8.2.
Via Bleeping Computer