Vulnerabilities > Arangodb > Arangodb > 3.9.0

DATE CVE VULNERABILITY TITLE RISK
2022-02-09 CVE-2021-25939 Server-Side Request Forgery (SSRF) vulnerability in Arangodb
In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL.
network
low complexity
arangodb CWE-918
4.0
4.0