Total
1165 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-42079 | 1 Osnexus | 1 Quantastor | 2024-10-16 | N/A | 4.9 MEDIUM |
| An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack. This is exclusively with POST requests. | |||||
| CVE-2024-46468 | 2024-10-15 | N/A | 7.5 HIGH | ||
| A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be exploited by an attacker to obtain sensitive information, resulting in an information disclosure. | |||||
| CVE-2023-48910 | 1 Microcks | 1 Microcks | 2024-10-15 | N/A | 9.8 CRITICAL |
| Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request. | |||||
| CVE-2024-45317 | 2024-10-15 | N/A | N/A | ||
| A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address. | |||||
| CVE-2023-48023 | 1 Anyscale | 1 Ray | 2024-10-11 | N/A | 9.1 CRITICAL |
| Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment | |||||
| CVE-2024-45119 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2024-10-10 | N/A | 6.4 MEDIUM |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs and have a low impact on both confidentiality and integrity. Exploitation of this issue does not require user interaction and scope is changed. | |||||
| CVE-2024-41651 | 1 Prestashop | 1 Prestashop | 2024-10-09 | N/A | 8.1 HIGH |
| An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploitation requires that an attacker be able to hijack network requests made by an admin user (who, by design, is allowed to change the code that is running on the server). | |||||
| CVE-2024-5482 | 1 Lollms | 1 Lollms Web Ui | 2024-10-09 | N/A | 9.8 CRITICAL |
| A Server-Side Request Forgery (SSRF) vulnerability exists in the 'add_webpage' endpoint of the parisneo/lollms-webui application, affecting the latest version. The vulnerability arises because the application does not adequately validate URLs entered by users, allowing them to input arbitrary URLs, including those that target internal resources such as 'localhost' or '127.0.0.1'. This flaw enables attackers to make unauthorized requests to internal or external systems, potentially leading to access to sensitive data, service disruption, network integrity compromise, business logic manipulation, and abuse of third-party resources. The issue is critical and requires immediate attention to maintain the application's security and integrity. | |||||
| CVE-2024-4325 | 1 Gradio Project | 1 Gradio | 2024-10-09 | N/A | 8.6 HIGH |
| A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the `/queue/join` endpoint and the `save_url_to_cache` function. The vulnerability arises when the `path` value, obtained from the user and expected to be a URL, is used to make an HTTP request without sufficient validation checks. This flaw allows an attacker to send crafted requests that could lead to unauthorized access to the local network or the AWS metadata endpoint, thereby compromising the security of internal servers. | |||||
| CVE-2023-42282 | 1 Fedorindutny | 1 Ip | 2024-10-09 | N/A | 9.8 CRITICAL |
| The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic. | |||||
| CVE-2023-6294 | 1 Sygnoos | 1 Popup Builder | 2024-10-09 | N/A | 7.2 HIGH |
| The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations. | |||||
| CVE-2023-40630 | 1 Joomcode | 1 Jcdashboard | 2024-10-08 | N/A | 9.8 CRITICAL |
| Unauthenticated LFI/SSRF in JCDashboards component for Joomla. | |||||
| CVE-2024-9410 | 2024-10-07 | N/A | 5.3 MEDIUM | ||
| Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the use of a data scraping endpoint. | |||||
| CVE-2024-37818 | 2024-10-04 | N/A | 8.6 HIGH | ||
| Strapi v4.24.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /strapi.io/_next/image. This vulnerability allows attackers to scan for open ports or access sensitive information via a crafted GET request. NOTE: The Strapi Development Community argues that this issue is not valid. They contend that "the strapi/admin was wrongly attributed a flaw that only pertains to the strapi.io website, and which, at the end of the day, does not pose any real SSRF risk to applications that make use of the Strapi library." | |||||
| CVE-2024-41812 | 1 Txtdot | 1 Txtdot | 2024-09-30 | N/A | 7.5 HIGH |
| txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Prior to version 1.7.0, a Server-Side Request Forgery (SSRF) vulnerability in the `/get` route of txtdot allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network. Version 1.7.0 prevents displaying the response of forged requests, but the requests can still be sent. For complete mitigation, a firewall between txtdot and other internal network resources should be set. | |||||
| CVE-2024-41813 | 1 Txtdot | 1 Txtdot | 2024-09-30 | N/A | 7.5 HIGH |
| txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery (SSRF) vulnerability in the `/proxy` route of txtdot allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network. Version 1.6.1 patches the issue. | |||||
| CVE-2024-47066 | 1 Lobehub | 1 Lobe Chat | 2024-09-30 | N/A | 8.8 HIGH |
| Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.19.13, server-side request forgery protection implemented in `src/app/api/proxy/route.ts` does not consider redirect and could be bypassed when attacker provides an external malicious URL which redirects to internal resources like a private network or loopback address. Version 1.19.13 contains an improved fix for the issue. | |||||
| CVE-2024-47222 | 1 Myoffice | 1 My Office Sdk | 2024-09-30 | N/A | 9.8 CRITICAL |
| New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 through 2.8 allows SSRF via manipulation of requests from external document storage via the MS-WOPI protocol. | |||||
| CVE-2024-47049 | 1 Czim | 1 File-handling | 2024-09-27 | N/A | 8.2 HIGH |
| The czim/file-handling package before 1.5.0 and 2.x before 2.3.0 (used with PHP Composer) does not properly validate URLs within makeFromUrl and makeFromAny, leading to SSRF, and to directory traversal for the reading of local files. | |||||
| CVE-2024-36427 | 2024-09-27 | N/A | 8.1 HIGH | ||
| The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file. | |||||