Total
1502 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26135 | 1 Atlassian | 4 Jira Data Center, Jira Server, Jira Service Desk and 1 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0 before version 8.13.22, from version 8.14.0 before 8.20.10, from version 8.21.0 before 8.22.4. This also affects Jira Management Server and Data Center versions from version 4.0.0 before 4.13.22, from version 4.14.0 before 4.20.10 and from version 4.21.0 before 4.22.4. | |||||
| CVE-2022-25876 | 1 Link-preview-js Project | 1 Link-preview-js | 2024-11-21 | 2.1 LOW | 6.2 MEDIUM |
| The package link-preview-js before 2.1.16 are vulnerable to Server-side Request Forgery (SSRF) which allows attackers to send arbitrary requests to the local network and read the response. This is due to flawed DNS rebinding protection. | |||||
| CVE-2022-25850 | 1 Proxyscotch Project | 1 Proxyscotch | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information from the server. | |||||
| CVE-2022-25801 | 1 Bestpractical | 1 Request Tracker For Incident Response | 2024-11-21 | N/A | 9.1 CRITICAL |
| Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools. | |||||
| CVE-2022-25800 | 1 Bestpractical | 1 Request Tracker For Incident Response | 2024-11-21 | N/A | 9.1 CRITICAL |
| Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool. | |||||
| CVE-2022-25260 | 1 Jetbrains | 1 Hub | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF). | |||||
| CVE-2022-24980 | 1 Kitodo | 1 Kitodo.presentation | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the Kitodo.Presentation (aka dif) extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to view the content of any file or webpage the webserver has access to. | |||||
| CVE-2022-24969 | 1 Apache | 1 Dubbo | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability. | |||||
| CVE-2022-24871 | 1 Shopware | 1 Shopware | 2024-11-21 | 5.5 MEDIUM | 7.2 HIGH |
| Shopware is an open commerce platform based on Symfony Framework and Vue. In affected versions an attacker can abuse the Admin SDK functionality on the server to read or update internal resources. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. There are no known workarounds for this issue. | |||||
| CVE-2022-24862 | 1 Databasir Project | 1 Databasir | 2024-11-21 | 4.0 MEDIUM | 7.7 HIGH |
| Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address will return a response page with complete error information when accessing a non-existent URL. Attackers can take advantage of this feature for SSRF. | |||||
| CVE-2022-24856 | 1 Flyte | 1 Flyte Console | 2024-11-21 | 5.0 MEDIUM | 9.1 CRITICAL |
| FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery (SSRF) when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server or other unauthenticated URLs. Passing of headers to an unauthorized actor may occur. The patch for this issue deletes the entire `cors_proxy`, as this is not required for console anymore. A patch is available in FlyteConsole version 0.52.0. Disable FlyteConsole availability on the internet as a workaround. | |||||
| CVE-2022-24825 | 1 Stripe | 1 Smokescreen | 2024-11-21 | 5.0 MEDIUM | 5.8 MEDIUM |
| Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by appending a dot to the end of user-supplied URLs, or by providing input in a different letter case. Recommended to upgrade Smokescreen to version 0.0.3 or later. | |||||
| CVE-2022-24789 | 1 Orckestra | 1 C1 Cms | 2024-11-21 | 6.5 MEDIUM | 7.6 HIGH |
| C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also truncate arbitrary files to zero size (effectively delete them) leading to denial of service (DoS) or altering application logic. The authenticated user may unknowingly perform the actions by visiting a specially crafted site. Patched in C1 CMS v6.12, no known workarounds exist. | |||||
| CVE-2022-24739 | 1 Alltube Project | 1 Alltube | 2024-11-21 | 4.0 MEDIUM | 7.3 HIGH |
| alltube is an html front end for youtube-dl. On releases prior to 3.0.3, an attacker could craft a special HTML page to trigger either an open redirect attack or a Server-Side Request Forgery attack (depending on how AllTube is configured). The impact is mitigated by the fact the SSRF attack is only possible when the `stream` option is enabled in the configuration. (This option is disabled by default.) 3.0.3 contains a fix for this vulnerability. | |||||
| CVE-2022-24568 | 1 Xxyopen | 1 Novel-plus | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Novel-plus v3.6.0 was discovered to be vulnerable to Server-Side Request Forgery (SSRF) via user-supplied crafted input. | |||||
| CVE-2022-24449 | 1 Rt-solar | 1 Solar Appscreener | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document. | |||||
| CVE-2022-24333 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| In JetBrains TeamCity before 2021.2, blind SSRF via an XML-RPC call was possible. | |||||
| CVE-2022-24129 | 1 Shibboleth | 1 Oidc Op | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services. | |||||
| CVE-2022-23668 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manage that address this security vulnerability. | |||||
| CVE-2022-23644 | 1 Joinbookwyrm | 1 Bookwyrm | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| BookWyrm is a decentralized social network for tracking reading habits and reviewing books. The functionality to load a cover via url is vulnerable to a server-side request forgery attack. Any BookWyrm instance running a version prior to v0.3.0 is susceptible to attack from a logged-in user. The problem has been patched and administrators should upgrade to version 0.3.0 As a workaround, BookWyrm instances can close registration and limit members to trusted individuals. | |||||