Vulnerabilities > Server-Side Request Forgery (SSRF)

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2024-10-10 | CVE-2024-47167 | Server-Side Request Forgery (SSRF) vulnerability in Gradio Project Gradio | Gradio is an open-source Python package designed for quick prototyping. | network; low complexity; gradio-project; CWE-918; critical 9.8 |
| 2024-10-10 | CVE-2024-45119 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Commerce and Magento | Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. | network; low complexity; adobe; CWE-918; 6.4 |
| 2024-10-10 | CVE-2024-8977 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab | An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17.2.9, from 17.3 prior to 17.3.5, and from 17.4 prior to 17.4.2. | network; low complexity; gitlab; CWE-918; 8.1 |
| 2024-10-08 | CVE-2024-47008 | Server-Side Request Forgery (SSRF) vulnerability in Ivanti Avalanche | Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information. | network; low complexity; ivanti; CWE-918; 7.5 |
| 2024-10-07 | CVE-2024-45291 | Server-Side Request Forgery (SSRF) vulnerability in PHPoffice PHPspreadsheet | PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. | network; low complexity; phpoffice; CWE-918; 8.8 |
| 2024-10-04 | CVE-2024-9410 | Server-Side Request Forgery (SSRF) vulnerability in ADA | Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the use of a data scraping endpoint. | network; low complexity; ada; CWE-918; 5.3 |
| 2024-09-26 | CVE-2024-45843 | Server-Side Request Forgery (SSRF) vulnerability in Mattermost Server | Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and Alibaba in the SSRF denylist, which allows an attacker to possibly cause an SSRF if Mattermost was deployed in Oracle Cloud or Alibaba. | network; low complexity; mattermost; CWE-918; 5.4 |
| 2024-09-23 | CVE-2024-47222 | Server-Side Request Forgery (SSRF) vulnerability in Myoffice MY Office SDK | New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 through 2.8 allows SSRF via manipulation of requests from external document storage via the MS-WOPI protocol. | network; low complexity; myoffice; CWE-918; critical 9.8 |
| 2024-09-23 | CVE-2024-47066 | Server-Side Request Forgery (SSRF) vulnerability in Lobehub Lobe Chat | Lobe Chat is an open-source artificial intelligence chat framework. | network; low complexity; lobehub; CWE-918; 8.8 |
| 2024-09-17 | CVE-2024-47049 | Server-Side Request Forgery (SSRF) vulnerability in Czim File-Handling | The czim/file-handling package before 1.5.0 and 2.x before 2.3.0 (used with PHP Composer) does not properly validate URLs within makeFromUrl and makeFromAny, leading to SSRF, and to directory traversal for the reading of local files. | network; low complexity; czim; CWE-918; 8.2 |