Total
1279 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-25800 | 1 Bestpractical | 1 Request Tracker For Incident Response | 2024-08-03 | 9.1 Critical |
| Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool. | ||||
| CVE-2022-25260 | 1 Jetbrains | 1 Hub | 2024-08-03 | 9.1 Critical |
| JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF). | ||||
| CVE-2022-24969 | 1 Apache | 1 Dubbo | 2024-08-03 | 6.1 Medium |
| bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability. | ||||
| CVE-2022-25026 | 1 Rocketsoftware | 1 Trufusion Enterprise | 2024-08-03 | 7.5 High |
| A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to gain access to sensitive resources on the internal network via a crafted HTTP request to /trufusionPortal/upDwModuleProxy. | ||||
| CVE-2022-24980 | 1 Kitodo | 1 Kitodo.presentation | 2024-08-03 | 7.5 High |
| An issue was discovered in the Kitodo.Presentation (aka dif) extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to view the content of any file or webpage the webserver has access to. | ||||
| CVE-2022-24871 | 1 Shopware | 1 Shopware | 2024-08-03 | 7.2 High |
| Shopware is an open commerce platform based on Symfony Framework and Vue. In affected versions an attacker can abuse the Admin SDK functionality on the server to read or update internal resources. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. There are no known workarounds for this issue. | ||||
| CVE-2022-24789 | 1 Orckestra | 1 C1 Cms | 2024-08-03 | 7.6 High |
| C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also truncate arbitrary files to zero size (effectively delete them) leading to denial of service (DoS) or altering application logic. The authenticated user may unknowingly perform the actions by visiting a specially crafted site. Patched in C1 CMS v6.12, no known workarounds exist. | ||||
| CVE-2022-24862 | 1 Databasir Project | 1 Databasir | 2024-08-03 | 7.7 High |
| Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address will return a response page with complete error information when accessing a non-existent URL. Attackers can take advantage of this feature for SSRF. | ||||
| CVE-2022-24856 | 1 Flyte | 1 Flyte Console | 2024-08-03 | 9.1 Critical |
| FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery (SSRF) when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server or other unauthenticated URLs. Passing of headers to an unauthorized actor may occur. The patch for this issue deletes the entire `cors_proxy`, as this is not required for console anymore. A patch is available in FlyteConsole version 0.52.0. Disable FlyteConsole availability on the internet as a workaround. | ||||
| CVE-2022-24825 | 1 Stripe | 1 Smokescreen | 2024-08-03 | 5.8 Medium |
| Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by appending a dot to the end of user-supplied URLs, or by providing input in a different letter case. Recommended to upgrade Smokescreen to version 0.0.3 or later. | ||||
| CVE-2022-24739 | 1 Alltube Project | 1 Alltube | 2024-08-03 | 7.3 High |
| alltube is an html front end for youtube-dl. On releases prior to 3.0.3, an attacker could craft a special HTML page to trigger either an open redirect attack or a Server-Side Request Forgery attack (depending on how AllTube is configured). The impact is mitigated by the fact the SSRF attack is only possible when the `stream` option is enabled in the configuration. (This option is disabled by default.) 3.0.3 contains a fix for this vulnerability. | ||||
| CVE-2022-24568 | 1 Xxyopen | 1 Novel-plus | 2024-08-03 | 9.8 Critical |
| Novel-plus v3.6.0 was discovered to be vulnerable to Server-Side Request Forgery (SSRF) via user-supplied crafted input. | ||||
| CVE-2022-24449 | 1 Rt-solar | 1 Solar Appscreener | 2024-08-03 | 9.8 Critical |
| Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document. | ||||
| CVE-2022-24333 | 1 Jetbrains | 1 Teamcity | 2024-08-03 | 6.5 Medium |
| In JetBrains TeamCity before 2021.2, blind SSRF via an XML-RPC call was possible. | ||||
| CVE-2022-24129 | 1 Shibboleth | 1 Oidc Op | 2024-08-03 | 8.2 High |
| The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services. | ||||
| CVE-2022-23668 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-08-03 | 4.9 Medium |
| A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manage that address this security vulnerability. | ||||
| CVE-2022-23644 | 1 Joinbookwyrm | 1 Bookwyrm | 2024-08-03 | 8.8 High |
| BookWyrm is a decentralized social network for tracking reading habits and reviewing books. The functionality to load a cover via url is vulnerable to a server-side request forgery attack. Any BookWyrm instance running a version prior to v0.3.0 is susceptible to attack from a logged-in user. The problem has been patched and administrators should upgrade to version 0.3.0 As a workaround, BookWyrm instances can close registration and limit members to trusted individuals. | ||||
| CVE-2022-23544 | 1 Metersphere | 1 Metersphere | 2024-08-03 | 7.2 High |
| MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. Versions prior to 2.5.0 are subject to a Server-Side Request Forgery that leads to Cross-Site Scripting. A Server-Side request forgery in `IssueProxyResourceService::getMdImageByUrl` allows an attacker to access internal resources, as well as executing JavaScript code in the context of Metersphere's origin by a victim of a reflected XSS. This vulnerability has been fixed in v2.5.0. There are no known workarounds. | ||||
| CVE-2022-23464 | 1 Nepxion | 1 Discovery | 2024-08-03 | 4.3 Medium |
| Nepxion Discovery is a solution for Spring Cloud. Discovery is vulnerable to a potential Server-Side Request Forgery (SSRF). RouterResourceImpl uses RestTemplate’s getForEntity to retrieve the contents of a URL containing user-controlled input, potentially resulting in Information Disclosure. There is no patch available for this issue at time of publication. There are no known workarounds. | ||||
| CVE-2022-23206 | 1 Apache | 1 Traffic Control | 2024-08-03 | 7.5 High |
| In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach. | ||||