CWE-918
Server-Side Request Forgery (SSRF)
Description
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. Because the request is made from the server's own network position, and often with the server's own credentials, an attacker who controls the URL can reach hosts the attacker cannot reach directly: loopback listeners, internal services, or a cloud instance-metadata endpoint that hands out IAM credentials.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-664: Server Side Request Forgery
CVEs mapped to this weakness (1,583)
page 48 of 80
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-4354 | — | Med | 0.35 | 6.4 | 0.00 | — | Jun 7, 2024 | The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3 via the get_files_to_import() function. This makes it possible for authenticated attackers, with author-level access and… |
| CVE-2024-33634 | — | Med | 0.35 | 5.4 | 0.00 | — | Apr 29, 2024 | Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro. This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17. |
| CVE-2024-33592 | — | Med | 0.35 | 5.4 | 0.00 | — | Apr 25, 2024 | Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player. This issue affects Radio Player: from n/a through 2.0.73. |
| CVE-2023-6805 | — | Med | 0.35 | 6.4 | 0.00 | — | Apr 17, 2024 | The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 4.4.7 via the fetch_feed functionality. This makes it possible for… |
| CVE-2024-30453 | — | Med | 0.35 | 5.4 | 0.00 | — | Mar 29, 2024 | Server-Side Request Forgery (SSRF) vulnerability in Brave Brave Popup Builder. This issue affects Brave Popup Builder: from n/a through 0.6.5. |
| CVE-2024-27949 | — | Med | 0.35 | 5.4 | 0.00 | — | Mar 1, 2024 | Server-Side Request Forgery (SSRF) vulnerability in Sirv CDN and Image Hosting Sirv sirv. This issue affects Sirv: from n/a through <= 7.2.0. |
| CVE-2024-1568 | — | Med | 0.35 | 6.4 | 0.00 | — | Feb 28, 2024 | The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.20.52 via the OnAdminApi_HtmlCheck function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make… |
| CVE-2024-1758 | — | Med | 0.35 | 5.4 | 0.01 | — | Feb 26, 2024 | The SuperFaktura WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.40.3 via the wc_sf_url_check function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web… |
| CVE-2023-49795 | — | Med | 0.35 | 6.5 | 0.00 | — | Dec 11, 2023 | MindsDB connects artificial intelligence models to real time data. Versions prior to 23.11.4.1 contain a server-side request forgery vulnerability in `file.py`. This can lead to limited information disclosure. Users should use MindsDB's `staging` branch or v23.11.4.1, which… |
| CVE-2023-25753 | — | Med | 0.35 | 6.5 | 0.01 | — | Oct 19, 2023 | There exists an SSRF (Server-Side Request Forgery) vulnerability located at the /sandbox/proxyGateway endpoint. This vulnerability allows us to manipulate arbitrary requests and retrieve corresponding responses by inputting any URL into the requestUrl parameter. Of particular… |
| CVE-2022-41401 | — | Med | 0.35 | 6.5 | 0.01 | — | Aug 4, 2023 | OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure. |
| CVE-2022-38398 | — | Med | 0.35 | 5.3 | 0.02 | — | Sep 22, 2022 | Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a URL through the jar protocol. This issue affects Apache XML Graphics Batik 1.14. |
| CVE-2022-1285 | — | Med | 0.35 | 6.5 | 0.01 | — | Jun 1, 2022 | Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8. |
| CVE-2022-0528 | — | Med | 0.35 | 6.5 | 0.01 | — | Mar 3, 2022 | Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1. |
| CVE-2021-23718 | — | Med | 0.35 | 6.5 | 0.02 | — | Nov 22, 2021 | The package ssrf-agent before 1.0.5 is vulnerable to Server-side Request Forgery (SSRF) via the defaultIpChecker function. It fails to properly validate whether the requested IP is private. |
| CVE-2021-22969 | — | Med | 0.35 | 5.3 | 0.01 | — | Nov 19, 2021 | Concrete CMS (formerly concrete5) versions below 8.5.7 have an SSRF mitigation bypass using a DNS rebinding attack, giving an attacker the ability to fetch cloud IaaS (e.g. AWS) IAM keys. To fix this, Concrete CMS no longer allows downloads from the local network and specifies the validated… |
| CVE-2020-21122 | — | Med | 0.35 | 5.3 | 0.01 | — | Sep 15, 2021 | UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports. |
| CVE-2018-1000422 | — | Med | 0.35 | 6.5 | 0.01 | — | Jan 9, 2019 | An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and… |
| CVE-2018-1999026 | — | Med | 0.35 | 6.5 | 0.01 | — | Aug 1, 2018 | A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host. |
| CVE-2018-1000606 | — | Med | 0.35 | 6.5 | 0.01 | — | Jun 26, 2018 | A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. |
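The rows above show the three ways an SSRF guard usually fails: no scheme restriction (the `jar:` fetch in CVE-2022-38398), a private-address check that does not cover what the host actually resolves to (CVE-2021-23718), and validating the name once but letting the HTTP client resolve it again at connect time (the DNS-rebinding bypass in CVE-2021-22969). The following is an added example written for this page, not code from any of the listed projects: it allowlists schemes, resolves the host, rejects every answer that falls in a denied range (the range list is a hypothetical policy), and then connects to the validated address rather than the name. The names `validate_target`, `fetch_pinned`, `PinnedTarget` and the stub hostnames used in the usage note are illustrative.

```python
import http.client
import ipaddress
import socket
import ssl
from dataclasses import dataclass
from typing import Callable, List
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}   # no file:, jar:, gopher:, ftp:, dict: ...

# Destinations an internet-facing fetcher must never reach. Hypothetical
# policy for this example, not taken from any product on the page: loopback,
# RFC 1918, CGNAT, link-local (which includes the 169.254.169.254 cloud
# metadata service), multicast/reserved, and the IPv6 equivalents.
DENIED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3",
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8",
)]

Resolver = Callable[[str], List[str]]


def system_resolver(host: str) -> List[str]:
    """Every A/AAAA answer for host; each one must pass the check below."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})


def is_denied(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    # ::ffff:10.0.0.1 is 10.0.0.1 on the wire; unwrap so the IPv4 ranges apply.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in DENIED_NETWORKS)


@dataclass(frozen=True)
class PinnedTarget:
    scheme: str
    host: str   # name from the URL: used for Host header, SNI and cert check
    port: int
    ip: str     # address that passed validation: the only one we connect to


def validate_target(url: str, resolver: Resolver = system_resolver) -> PinnedTarget:
    """Reject disallowed schemes, userinfo, and any host that resolves to a
    denied address. Spellings such as 127.1, 0x7f000001 or 2130706433 are not
    IP literals to ipaddress, so they reach the resolver (libc accepts them)
    and are judged by the address they actually resolve to, not by their text.
    """
    p = urlsplit(url)
    scheme = p.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {p.scheme!r}")
    if p.username is not None or p.password is not None:
        raise ValueError("userinfo in URL not allowed")
    host = p.hostname
    if not host:
        raise ValueError("missing host")
    port = p.port or (443 if scheme == "https" else 80)
    try:
        addrs = [str(ipaddress.ip_address(host))]   # IP literal: no DNS needed
    except ValueError:
        addrs = resolver(host)
    if not addrs:
        raise ValueError(f"no address for {host!r}")
    for a in addrs:
        if is_denied(a):
            raise ValueError(f"{host!r} resolves to denied address {a}")
    return PinnedTarget(scheme, host, port, addrs[0])


def fetch_pinned(t: PinnedTarget, path: str = "/", timeout: float = 5.0) -> bytes:
    """GET from the address that was validated. Letting the HTTP client resolve
    the name again at connect time is the DNS-rebinding gap (CVE-2021-22969
    above): the second lookup can return an internal address. Redirects are not
    followed; a caller that wants to follow one must run validate_target() on
    the Location value first, since a redirect is just another attacker URL."""
    sock = socket.create_connection((t.ip, t.port), timeout=timeout)
    if t.scheme == "https":
        ctx = ssl.create_default_context()        # verifies cert against t.host
        sock = ctx.wrap_socket(sock, server_hostname=t.host)
    conn = http.client.HTTPConnection(t.host, t.port, timeout=timeout)
    conn.sock = sock                              # reuse the pinned socket
    try:
        conn.request("GET", path)                 # Host header derived from t.host
        return conn.getresponse().read()
    finally:
        conn.close()
```

The resolver is injectable so the policy can be exercised offline with a stub (for instance a table that maps `evil.test` to one public and one private address, or `2130706433` to `127.0.0.1` the way libc would); `validate_target` must raise in both cases, and it must accept `https://example.com/` with port 443 and the stub's public address pinned. `fetch_pinned` is the only part that touches the network. Two caveats remain outside the code: the same check has to run on every redirect hop, and a fetcher that follows `file:` or `jar:` via a library default needs the scheme allowlist enforced before the URL ever reaches that library.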