Latest Server-Side Request Forgery (SSRF) Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-04 | CVE-2020-4632 | Server-Side Request Forgery (SSRF) vulnerability in IBM Infosphere Metadata Asset Manager 11.7 IBM InfoSphere Metadata Asset Manager 11.7 is vulnerable to server-side request forgery. | |
| 2020-08-31 | CVE-2020-12644 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API. | |
| 2020-08-29 | CVE-2020-24898 | Server-Side Request Forgery (SSRF) vulnerability in Stiltsoft Table Filter and Charts FOR Confluence Server The Table Filter and Charts for Confluence Server app before 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter). | |
| 2020-08-28 | CVE-2020-9298 | Server-Side Request Forgery (SSRF) vulnerability in Spinnaker Orca The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to send requests on behalf of Spinnaker potentially leading to sensitive data disclosure. | |
| 2020-08-26 | CVE-2020-24548 | Server-Side Request Forgery (SSRF) vulnerability in Ericom Access Server 9.2.0 Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports. | |
| 2020-08-25 | CVE-2020-17386 | Server-Side Request Forgery (SSRF) vulnerability in Cellopoint Cellos 4.1.10 Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. | |
| 2020-08-24 | CVE-2020-14044 | Server-Side Request Forgery (SSRF) vulnerability in Codiad ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forgery (SSRF) vulnerability was found in Codiad v1.7.8 and later. | |
| 2020-08-21 | CVE-2020-5775 | Server-Side Request Forgery (SSRF) vulnerability in Instructure Canvas Learning Management Service 20200729 Server-Side Request Forgery in Canvas LMS 2020-07-29 allows a remote, unauthenticated attacker to cause the Canvas application to perform HTTP GET requests to arbitrary domains. | |
| 2020-08-17 | CVE-2020-15152 | Server-Side Request Forgery (SSRF) vulnerability in Ftp-Srv Project Ftp-Srv ftp-srv versions 1.0.0 through 4.3.3 are vulnerable to Server-Side Request Forgery. | |
| 2020-08-17 | CVE-2020-8226 | Server-Side Request Forgery (SSRF) vulnerability in PHPbb A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed remote image dimensions check to be used to SSRF. |