VYPR

CWE-918

Server-Side Request Forgery (SSRF)

Abstraction: Base; Status: Incomplete

Description

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-664

CVEs mapped to this weakness (1,583)

page 76 of 80
  • CVE-2022-23206 (Feb 6, 2022)
    risk 0.00 · cvss · epss 0.02

    In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach.

  • CVE-2022-0339 (Jan 30, 2022)
    risk 0.00 · cvss · epss 0.01

    Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16.

  • CVE-2022-21697 (Jan 25, 2022)
    risk 0.00 · cvss · epss 0.01

    Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploying Jupyter Server or Notebook with jupyter-proxy-server extension enabled is…

  • CVE-2021-23664 (Jan 21, 2022)
    risk 0.00 · cvss · epss 0.01

    The package @isomorphic-git/cors-proxy before 2.7.1 is vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js.

  • CVE-2021-45394 (Jan 18, 2022)
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in Spipu HTML2PDF before 5.2.4. Attackers can trigger deserialization of arbitrary data via the injection of a malicious tag in the converted HTML document.

  • CVE-2021-27738 (Jan 6, 2022)
    risk 0.00 · cvss · epss 0.03

    All request mappings in `StreamingCoordinatorController.java` handling `/kylin/api/streaming_coordinator/*` REST API endpoints did not include any security checks, which allowed an unauthenticated user to issue arbitrary requests, such as assigning/unassigning of streaming…

  • CVE-2022-0086 (Jan 4, 2022)
    risk 0.00 · cvss · epss 0.01

    uppy is vulnerable to Server-Side Request Forgery (SSRF).

  • CVE-2021-4075 (Dec 6, 2021)
    risk 0.00 · cvss · epss 0.01

    snipe-it is vulnerable to Server-Side Request Forgery (SSRF).

  • CVE-2021-23718 (Nov 22, 2021)
    risk 0.00 · cvss · epss 0.02

    The package ssrf-agent before 1.0.5 is vulnerable to Server-side Request Forgery (SSRF) via the defaultIpChecker function. It fails to properly validate whether the requested IP is private.

  • CVE-2021-22970 (Nov 19, 2021)
    risk 0.00 · cvss · epss 0.01

    Concrete CMS (formerly concrete5) versions 8.5.6 and below and version 9.0.0 allow local IP importing, causing the system to be vulnerable to (a) SSRF attacks on the private LAN servers by reading files from the local LAN. An attacker can pivot in the private LAN and exploit local…

  • CVE-2021-25972 (Oct 20, 2021)
    risk 0.00 · cvss · epss 0.01

    Camaleon CMS versions 2.1.2.0 to 2.6.0 are vulnerable to Server-Side Request Forgery (SSRF) in the media upload feature, which allows admin users to fetch media files from external URLs but fails to validate URLs referencing localhost or other internal servers. This…

  • CVE-2021-22958 (Oct 7, 2021)
    risk 0.00 · cvss · epss 0.01

    A Server-Side Request Forgery vulnerability was found in concrete5 < 8.5.5 that allowed a decimal-notation-encoded IP address to bypass the limitations in place for localhost, allowing interaction with local services. Impact can vary depending on services exposed. CVSSv2.0…

  • CVE-2021-41084 (Sep 21, 2021)
    risk 0.00 · cvss · epss 0.01

    http4s is an open source Scala interface for HTTP. In affected versions http4s is vulnerable to response-splitting or request-splitting attacks when untrusted user input is used to create any of the following fields: Header names (`Header.name`), Header values…

  • CVE-2020-21122 (Sep 15, 2021)
    risk 0.00 · cvss · epss 0.01

    UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports.

  • CVE-2021-36043 (Sep 1, 2021)
    risk 0.00 · cvss · epss 0.02

    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin privileges could abuse this to achieve remote code execution should Redis be…

  • CVE-2021-39150 (Aug 23, 2021)
    risk 0.00 · cvss · epss 0.03

    XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime…

  • CVE-2021-37711 (Aug 16, 2021)
    risk 0.00 · cvss · epss 0.01

    Versions prior to 6.4.3.1 contain an authenticated server-side request forgery vulnerability in file upload via URL. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin.

  • CVE-2021-33571 (Jun 8, 2021)
    risk 0.00 · cvss · epss 0.03

    In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses.…

  • CVE-2021-25640 (May 31, 2021)
    risk 0.00 · cvss · epss 0.02

    In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of the parseURL method leads to a bypass of the white host check, which can cause an open redirect or SSRF vulnerability.

  • CVE-2021-30108 (May 24, 2021)
    risk 0.00 · cvss · epss 0.01

    Feehi CMS 2.1.1 is affected by a Server-side request forgery (SSRF) vulnerability. When the user modifies the HTTP Referer header to any URL, the server can make a request to it.