Unrated severityNVD Advisory· Published Jul 21, 2020· Updated Aug 4, 2024
CVE-2020-15879
CVE-2020-15879
Description
Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16).
Affected products
2- Bitwarden/Serverdescription
Patches
Vulnerability mechanics
References
1- github.com/bitwarden/server/pull/827mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.