Total
1695 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-46830 | 1 Jetbrains | 1 Teamcity | 2025-04-23 | 4.1 Medium |
| In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning. | ||||
| CVE-2024-57252 | 1 Otcms | 1 Otcms | 2025-04-22 | 4.3 Medium |
| OtCMS <=V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can Read system files arbitrarily. | ||||
| CVE-2022-24862 | 1 Databasir Project | 1 Databasir | 2025-04-22 | 7.7 High |
| Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address will return a response page with complete error information when accessing a non-existent URL. Attackers can take advantage of this feature for SSRF. | ||||
| CVE-2022-31188 | 1 Cvat | 1 Cvat | 2025-04-22 | 8.6 High |
| CVAT is an opensource interactive video and image annotation tool for computer vision. Versions prior to 2.0.0 were found to be subject to a Server-side request forgery (SSRF) vulnerability. Validation has been added to urls used in the affected code path in version 2.0.0. Users are advised to upgrade. There are no known workarounds for this issue. | ||||
| CVE-2022-35949 | 2 Nodejs, Redhat | 2 Undici, Acm | 2025-04-22 | 5.3 Medium |
| undici is an HTTP/1.1 client, written from scratch for Node.js.`undici` is vulnerable to SSRF (Server-side Request Forgery) when an application takes in **user input** into the `path/pathname` option of `undici.request`. If a user specifies a URL such as `http://127.0.0.1` or `//127.0.0.1` ```js const undici = require("undici") undici.request({origin: "http://example.com", pathname: "//127.0.0.1"}) ``` Instead of processing the request as `http://example.org//127.0.0.1` (or `http://example.org/http://127.0.0.1` when `http://127.0.0.1 is used`), it actually processes the request as `http://127.0.0.1/` and sends it to `http://127.0.0.1`. If a developer passes in user input into `path` parameter of `undici.request`, it can result in an _SSRF_ as they will assume that the hostname cannot change, when in actual fact it can change because the specified path parameter is combined with the base URL. This issue was fixed in `undici@5.8.1`. The best workaround is to validate user input before passing it to the `undici.request` call. | ||||
| CVE-2022-31196 | 1 Databasir | 1 Databasir | 2025-04-22 | 7.6 High |
| Databasir is a database metadata management platform. Databasir <= 1.06 has Server-Side Request Forgery (SSRF) vulnerability. The SSRF is triggered by a sending a **single** HTTP POST request to create a databaseType. By supplying a `jdbcDriverFileUrl` that returns a non `200` response code, the url is executed, the response is logged (both in terminal and in database) and is included in the response. This would allow an attackers to obtain the real IP address and scan Intranet information. This issue was fixed in version 1.0.7. | ||||
| CVE-2022-23464 | 1 Nepxion | 1 Discovery | 2025-04-22 | 4.3 Medium |
| Nepxion Discovery is a solution for Spring Cloud. Discovery is vulnerable to a potential Server-Side Request Forgery (SSRF). RouterResourceImpl uses RestTemplate’s getForEntity to retrieve the contents of a URL containing user-controlled input, potentially resulting in Information Disclosure. There is no patch available for this issue at time of publication. There are no known workarounds. | ||||
| CVE-2025-29453 | 1 Personal-management-system | 1 Personal Management System | 2025-04-22 | 6.5 Medium |
| An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the my-contacts-settings component. | ||||
| CVE-2025-29454 | 1 Personal-management-system | 1 Personal Management System | 2025-04-22 | 6.5 Medium |
| An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the Upload function. | ||||
| CVE-2025-29455 | 1 Personal-management-system | 1 Personal Management System | 2025-04-22 | 6.5 Medium |
| An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the Travel Ideas" function. | ||||
| CVE-2025-29456 | 1 Personal-management-system | 1 Personal Management System | 2025-04-22 | 6.5 Medium |
| An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the create Notes function. | ||||
| CVE-2024-23654 | 1 Discourse | 1 Ai | 2025-04-22 | 4.1 Medium |
| discourse-ai is the AI plugin for the open-source discussion platform Discourse. Prior to commit 94ba0dadc2cf38e8f81c3936974c167219878edd, interactions with different AI services are vulnerable to admin-initiated SSRF attacks. Versions of the plugin that include commit 94ba0dadc2cf38e8f81c3936974c167219878edd contain a patch. As a workaround, one may disable the discourse-ai plugin. | ||||
| CVE-2024-0243 | 2 Langchain, Langchain-ai | 2 Langchain, Langchain-ai\/langchain | 2025-04-22 | 8.1 High |
| With the following crawler configuration: ```python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader( url=url, max_depth=2, extractor=lambda x: Soup(x, "html.parser").text ) docs = loader.load() ``` An attacker in control of the contents of `https://example.com` could place a malicious HTML file in there with links like "https://example.completely.different/my_file.html" and the crawler would proceed to download that file as well even though `prevent_outside=True`. https://github.com/langchain-ai/langchain/blob/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22/libs/community/langchain_community/document_loaders/recursive_url_loader.py#L51-L51 Resolved in https://github.com/langchain-ai/langchain/pull/15559 | ||||
| CVE-2022-39276 | 1 Glpi-project | 1 Glpi | 2025-04-22 | 3.5 Low |
| GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote script returns a redirect response, the redirect target URL is not checked against the URL allow list defined by administrator. This issue has been patched, please upgrade to 10.0.4. There are currently no known workarounds. | ||||
| CVE-2022-29309 | 1 Wangl1989 | 1 Mysiteforme | 2025-04-22 | 7.5 High |
| mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery. | ||||
| CVE-2022-46364 | 2 Apache, Redhat | 10 Cxf, Camel Spring Boot, Jboss Enterprise Application Platform and 7 more | 2025-04-22 | 9.8 Critical |
| A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. | ||||
| CVE-2016-6001 | 1 Ibm | 1 Forms Experience Builder | 2025-04-20 | N/A |
| IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources. | ||||
| CVE-2017-9458 | 1 Paloaltonetworks | 1 Pan-os | 2025-04-20 | N/A |
| XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to obtain sensitive information, cause a denial of service, or conduct server-side request forgery (SSRF) attacks via unspecified vectors. | ||||
| CVE-2017-15644 | 1 Webmin | 1 Webmin | 2025-04-20 | N/A |
| SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as demonstrated by a GET request for tunnel/link.cgi/http://INTRANET-IP:8000. | ||||
| CVE-2017-12905 | 1 Vebto | 1 Pixie - Image Editor | 2025-04-20 | 10.0 Critical |
| Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php. | ||||