VYPR
Moderate severityNVD Advisory· Published Jun 22, 2022· Updated Sep 17, 2024

directus - SSRF which leads to internal port scan

CVE-2022-23080

Description

In directus versions v9.0.0-beta.2 through 9.6.0 are vulnerable to server-side request forgery (SSRF) in the media upload functionality which allows a low privileged user to perform internal network port scans.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
directusnpm
>= 9.0.0-beta.2, < 9.7.09.7.0

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.