Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-12 | CVE-2024-23761 | Server-Side Request Forgery (SSRF) vulnerability in Gambio 4.9.2.0 Server Side Template Injection in Gambio 4.9.2.0 allows attackers to run arbitrary code via crafted smarty email template. | 9.8 |
| 2024-02-09 | CVE-2024-24829 | Server-Side Request Forgery (SSRF) vulnerability in Sentry Sentry is an error tracking and performance monitoring platform. | 5.3 |
| 2024-02-08 | CVE-2023-42282 | Server-Side Request Forgery (SSRF) vulnerability in Fedorindutny IP The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic. | 9.8 |
| 2024-02-08 | CVE-2024-24113 | Server-Side Request Forgery (SSRF) vulnerability in Xuxueli Xxl-Job xxl-job =< 2.4.1 has a Server-Side Request Forgery (SSRF) vulnerability, which causes low-privileged users to control executor to RCE. | 8.8 |
| 2024-02-07 | CVE-2024-24806 | Server-Side Request Forgery (SSRF) vulnerability in Libuv libuv is a multi-platform support library with a focus on asynchronous I/O. | 7.3 |
| 2024-02-07 | CVE-2024-0628 | Server-Side Request Forgery (SSRF) vulnerability in Wprssaggregator WP RSS Aggregator The WP RSS Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.23.5 via the RSS feed source in admin settings. | 3.8 |
| 2024-02-07 | CVE-2023-6388 | Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm 7.14.2 Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. | 5.0 |
| 2024-02-05 | CVE-2023-22817 | Server-Side Request Forgery (SSRF) vulnerability in Westerndigital products Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. | 5.5 |
| 2024-01-31 | CVE-2023-50165 | Server-Side Request Forgery (SSRF) vulnerability in Pega Platform Pega Platform versions 8.2.1 to Infinity 23.1.0 are affected by an Generated PDF issue that could expose file contents. | 8.6 |
| 2024-01-31 | CVE-2024-21893 | Server-Side Request Forgery (SSRF) vulnerability in Ivanti Connect Secure and Policy Secure A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | 8.2 |