Medium severity4.3NVD Advisory· Published Jan 10, 2022· Updated Jun 17, 2026
CVE-2022-22702
CVE-2022-22702
Description
PartKeepr versions up to v1.4.0, in the functionality to upload attachments using a URL when creating a part does not validate that requests can be made to local ports, allowing an authenticated user to carry out SSRF attacks and port enumeration.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- PartKeepr/PartKeeprdescription
Patches
Vulnerability mechanics
References
2- fluidattacks.com/advisories/joplin/nvdExploitThird Party Advisory
- github.com/partkeepr/PartKeepr/issues/1230nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.