Total: 1111 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-35583 | 1 Wkhtmltopdf | 1 Wkhtmltopdf | 2023-03-24 | N/A | 9.8 CRITICAL |
| wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting an iframe tag with an initial asset IP address in its source. This allows the attacker to take over the whole infrastructure by accessing their internal assets. | |||||
| CVE-2023-28112 | 1 Discourse | 1 Discourse | 2023-03-23 | N/A | 8.1 HIGH |
| Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the `beta` and `tests-passed` branches, some user provided URLs were being passed to FastImage without SSRF protection. Insufficient protections could enable attackers to trigger outbound network connections from the Discourse server to private IP addresses. This affects any site running the `tests-passed` or `beta` branches versions 3.1.0.beta2 and prior. This issue is patched in version 3.1.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds. | |||||
| CVE-2023-28111 | 1 Discourse | 1 Discourse | 2023-03-23 | N/A | 7.5 HIGH |
| Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the `beta` and `tests-passed` branches, attackers are able to bypass Discourse's server-side request forgery (SSRF) protection for private IPv4 addresses by using an IPv4-mapped IPv6 address. The issue is patched in the latest beta and tests-passed version of Discourse, version 3.1.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds. | |||||
| CVE-2023-27586 | 1 Courtbouillon | 1 Cairosvg | 2023-03-23 | N/A | 7.1 HIGH |
| CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default. | |||||
| CVE-2019-1679 | 1 Cisco | 2 Telepresence Conductor, Telepresence Video Communication Server | 2023-03-23 | 4.0 MEDIUM | 5.0 MEDIUM |
| A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected server to an arbitrary host. This type of attack is commonly referred to as server-side request forgery (SSRF). The vulnerability is due to insufficient access controls for the REST API of Cisco Expressway Series and Cisco TelePresence VCS. An attacker could exploit this vulnerability by submitting a crafted HTTP request to the affected server. Versions prior to XC4.3.4 are affected. | |||||
| CVE-2021-36396 | 1 Moodle | 1 Moodle | 2023-03-13 | N/A | 7.5 HIGH |
| In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk. | |||||
| CVE-2022-37938 | 1 Hpe | 1 Serviceguard For Linux | 2023-03-10 | N/A | 9.8 CRITICAL |
| Unauthenticated server side request forgery in HPE Serviceguard Manager | |||||
| CVE-2023-26492 | 1 Monospace | 1 Directus | 2023-03-10 | N/A | 7.5 HIGH |
| Directus is a real-time API and App dashboard for managing SQL database content. Directus is vulnerable to Server-Side Request Forgery (SSRF) when importing a file from a remote web server (POST to `/files/import`). An attacker can bypass the security controls by performing a DNS rebinding attack and view sensitive data from internal servers or perform a local port scan. An attacker can exploit this vulnerability to access highly sensitive internal server(s) and steal sensitive information. This issue was fixed in version 9.23.0. | |||||
| CVE-2022-46973 | 1 Anji-plus | 1 Report | 2023-03-10 | N/A | 9.8 CRITICAL |
| Report v0.9.8.6 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability. | |||||
| CVE-2023-22493 | 1 Rsshub | 1 Rsshub | 2023-03-07 | N/A | 7.5 HIGH |
| RSSHub is an open source RSS feed generator. RSSHub is vulnerable to Server-Side Request Forgery (SSRF) attacks. This vulnerability allows an attacker to send arbitrary HTTP requests from the server to other servers or resources on the network. An attacker can exploit this vulnerability by sending a request to the affected routes with a malicious URL. An attacker could also use this vulnerability to send requests to internal or any other servers or resources on the network, potentially gaining access to sensitive information that would not normally be accessible and amplifying the impact of the attack. The patch for this issue can be found in commit a66cbcf. | |||||
| CVE-2022-27234 | 1 Intel | 1 Computer Vision Annotation Tool | 2023-03-06 | N/A | 6.5 MEDIUM |
| Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network access. | |||||
| CVE-2019-7616 | 1 Elastic | 1 Kibana | 2023-03-03 | 4.0 MEDIUM | 4.9 MEDIUM |
| Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SSRF) flaw in the graphite integration for Timelion visualizer. An attacker with administrative Kibana access could set the timelion:graphite.url configuration option to an arbitrary URL. This could possibly lead to an attacker accessing external URL resources as the Kibana process on the host system. | |||||
| CVE-2021-33926 | 1 Plone | 1 Plone | 2023-03-02 | N/A | 8.8 HIGH |
| An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1, 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.20, 4 allows an attacker to access sensitive information via the RSS feed portlet. | |||||
| CVE-2018-19571 | 1 Gitlab | 1 Gitlab | 2023-03-01 | 4.0 MEDIUM | 7.7 HIGH |
| GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks. | |||||
| CVE-2022-29153 | 2 Fedoraproject, Hashicorp | 2 Fedora, Consul | 2023-02-23 | 5.0 MEDIUM | 7.5 HIGH |
| HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5. | |||||
| CVE-2023-25162 | 1 Nextcloud | 1 Nextcloud Server | 2023-02-23 | N/A | 5.3 MEDIUM |
| Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to 24.0.8 and 23.0.12 and Nextcloud Enterprise server prior to 24.0.8 and 23.0.12 are vulnerable to server-side request forgery (SSRF). Attackers can leverage enclosed alphanumeric payloads to bypass IP filters and gain SSRF, which would allow an attacker to read crucial metadata if the server is hosted on the AWS platform. Nextcloud Server 24.0.8 and 23.0.2 and Nextcloud Enterprise Server 24.0.8 and 23.0.12 contain a patch for this issue. No known workarounds are available. | |||||
| CVE-2023-25557 | 1 Datahub Project | 1 Datahub | 2023-02-21 | N/A | 9.1 CRITICAL |
| DataHub is an open-source metadata platform. The DataHub frontend acts as a proxy able to forward any REST or GraphQL requests to the backend. The goal of this proxy is to perform authentication if needed and forward HTTP requests to the DataHub Metadata Store (GMS). It has been discovered that the proxy does not adequately construct the URL when forwarding data to GMS, allowing external users to reroute requests from the DataHub Frontend to any arbitrary hosts. As a result, attackers may be able to reroute a request originating from the frontend proxy to any other server and return the result. This vulnerability was discovered and reported by the GitHub Security Lab and is tracked as GHSL-2022-076. | |||||
| CVE-2022-45027 | 1 Perfsonar | 1 Perfsonar | 2023-02-16 | N/A | 5.3 MEDIUM |
| perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address. | |||||
| CVE-2022-1767 | 1 Diagrams | 1 Drawio | 2023-02-16 | 5.0 MEDIUM | 7.5 HIGH |
| Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7. | |||||
| CVE-2022-1722 | 1 Diagrams | 1 Drawio | 2023-02-16 | 2.1 LOW | 3.3 LOW |
| SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses. | |||||
