Total
2421 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27586 | 1 Courtbouillon | 1 Cairosvg | 2025-02-25 | 9.9 Critical |
| CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default. | ||||
| CVE-2024-13834 | 1 Cyberchimps | 1 Responsive Addons | 2025-02-24 | 5.4 Medium |
| The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.4 via the 'remote_request' function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||
| CVE-2024-34068 | 1 Pterodactyl | 1 Wings | 2025-02-21 | 6.4 Medium |
| Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control (GHSA-6rg3-8h8x-5xfv) that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. This would allow malicious users to potentially access resources on local networks that would otherwise be inaccessible. This issue has been addressed in version 1.11.2 and users are advised to upgrade. Users unable to upgrade may enable the `api.disable_remote_download` option as a workaround. | ||||
| CVE-2022-36376 | 1 Rankmath | 1 Seo | 2025-02-20 | 6.8 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Rank Math SEO plugin <= 1.0.95 at WordPress. | ||||
| CVE-2022-42494 | 1 Aioseo | 1 All In One Seo | 2025-02-20 | 3 Low |
| Server Side Request Forgery (SSRF) vulnerability in All in One SEO Pro plugin <= 4.2.5.1 on WordPress. | ||||
| CVE-2022-41609 | 1 Wordplus | 1 Better Messages | 2025-02-20 | 6.4 Medium |
| Auth. (subscriber+) Server-Side Request Forgery (SSRF) vulnerability in Better Messages plugin 1.9.10.68 on WordPress. | ||||
| CVE-2023-25262 | 1 Stimulsoft | 1 Designer | 2025-02-19 | 7.5 High |
| Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery (SSRF). TThe Reporting Designer (Web) offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather than the client. Therefore, the server causes outbound traffic and potentially imports data. An attacker may also leverage this behaviour to exfiltrate data of machines on the internal network of the server hosting the Stimulsoft Reporting Designer (Web). | ||||
| CVE-2023-27162 | 1 Openapi-generator | 1 Openapi Generator | 2025-02-18 | 9.1 Critical |
| openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/gen/clients/{language}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request. | ||||
| CVE-2023-27160 | 1 Forem | 1 Forem | 2025-02-18 | 7.2 High |
| forem up to v2022.11.11 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /articles/{id}. This vulnerability allows attackers to access network resources and sensitive information via a crafted POST request. | ||||
| CVE-2023-27163 | 1 Rbaskets | 1 Request Baskets | 2025-02-18 | 6.5 Medium |
| request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request. | ||||
| CVE-2023-27159 | 1 Appwrite | 1 Appwrite | 2025-02-18 | 7.5 High |
| Appwrite up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /v1/avatars/favicon. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request. | ||||
| CVE-2023-5122 | 1 Grafana | 1 Grafana | 2025-02-13 | 5 Medium |
| Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests to a bare host with no path (e.g. https://www.example.com/ https://www.example.com/` ), requests to an endpoint other than the one configured by the administrator could be triggered by a specially crafted request from any user, resulting in an SSRF vector. AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator | ||||
| CVE-2023-50968 | 1 Apache | 1 Ofbiz | 2025-02-13 | 7.5 High |
| Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations. The same uri can be operated to realize a SSRF attack also without authorizations. Users are recommended to upgrade to version 18.12.11, which fixes this issue. | ||||
| CVE-2023-44313 | 1 Apache | 1 Servicecomb | 2025-02-13 | 7.6 High |
| Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb before 2.1.0(include). Users are recommended to upgrade to version 2.2.0, which fixes the issue. | ||||
| CVE-2023-37379 | 1 Apache | 1 Airflow | 2025-02-13 | 8.1 High |
| Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests, leading to a denial of service (DoS) condition on the server. Furthermore, malicious actors can leverage this vulnerability to establish harmful connections with the server. Users of Apache Airflow are strongly advised to upgrade to version 2.7.0 or newer to mitigate the risk associated with this vulnerability. Additionally, administrators are encouraged to review and adjust user permissions to restrict access to sensitive functionalities, reducing the attack surface. | ||||
| CVE-2023-25504 | 1 Apache | 1 Superset | 2025-02-13 | 4.9 Medium |
| A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery attacks and query internal resources on behalf of the server where Superset is deployed. This vulnerability exists in Apache Superset versions up to and including 2.0.1. | ||||
| CVE-2022-44730 | 3 Apache, Debian, Redhat | 4 Xml Graphics Batik, Debian Linux, Camel Spring Boot and 1 more | 2025-02-13 | 4.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL. | ||||
| CVE-2022-44729 | 3 Apache, Debian, Redhat | 4 Xml Graphics Batik, Debian Linux, Camel Spring Boot and 1 more | 2025-02-13 | 7.1 High |
| Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later. | ||||
| CVE-2022-3172 | 2 Kubernetes, Redhat | 3 Apiserver, Openshift, Openshift Data Foundation | 2025-02-13 | 5.1 Medium |
| A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties. | ||||
| CVE-2023-43654 | 1 Pytorch | 1 Torchserve | 2025-02-13 | 10 Critical |
| TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to compromise the integrity of the system and sensitive data. This issue is present in versions 0.1.0 to 0.8.1. A user is able to load the model of their choice from any URL that they would like to use. The user of TorchServe is responsible for configuring both the allowed_urls and specifying the model URL to be used. A pull request to warn the user when the default value for allowed_urls is used has been merged in PR #2534. TorchServe release 0.8.2 includes this change. Users are advised to upgrade. There are no known workarounds for this issue. | ||||