Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-27 | CVE-2022-4335 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host. | 4.3 |
| 2023-01-27 | CVE-2023-24060 | Server-Side Request Forgery (SSRF) vulnerability in Havenweb Haven 5D15944 Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. | 5.0 |
| 2023-01-26 | CVE-2022-46998 | Server-Side Request Forgery (SSRF) vulnerability in Taogogo Taocms 3.0.2 An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF). | 9.8 |
| 2023-01-26 | CVE-2023-24495 | Server-Side Request Forgery (SSRF) vulnerability in Tenable Tenable.Sc A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. | 6.5 |
| 2023-01-23 | CVE-2023-23560 | Server-Side Request Forgery (SSRF) vulnerability in Lexmark products In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation. | 9.8 |
| 2023-01-23 | CVE-2021-43449 | Server-Side Request Forgery (SSRF) vulnerability in Onlyoffice Server 7.0.0.49 ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). | 8.1 |
| 2023-01-20 | CVE-2021-37498 | Server-Side Request Forgery (SSRF) vulnerability in Reprisesoftware Reprise License Manager An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in License Activation function. | 6.5 |
| 2023-01-20 | CVE-2023-20002 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerability is due to improper validation of user-supplied input. | 4.4 |
| 2023-01-18 | CVE-2022-45926 | Server-Side Request Forgery (SSRF) vulnerability in Opentext Extended ECM An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). | 8.8 |
| 2023-01-13 | CVE-2022-3841 | Server-Side Request Forgery (SSRF) vulnerability in Redhat Advanced Cluster Management for Kubernetes 2.0 RHACM: unauthenticated SSRF in console API endpoint. | 7.8 |