Vulnerabilities > Server-Side Request Forgery (SSRF)

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2023-02-14 | CVE-2023-22936 | Server-Side Request Forgery (SSRF) vulnerability in Splunk and Splunk Cloud Platform | In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. | network | low | splunk | CWE-918 | 6.3 |
| 2023-02-13 | CVE-2023-25162 | Server-Side Request Forgery (SSRF) vulnerability in Nextcloud Server | Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. | network | low | nextcloud | CWE-918 | 5.3 |
| 2023-02-01 | CVE-2022-37033 | Server-Side Request Forgery (SSRF) vulnerability in Dotcms | In dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed in URL, while attempting to block any SSRF access to local IP addresses or private subnets. | network | low | dotcms | CWE-918 | 6.5 |
| 2023-02-01 | CVE-2022-47872 | Server-Side Request Forgery (SSRF) vulnerability in Maccms 10.0 | A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module. | network | low | maccms | CWE-918 | 8.8 |
| 2023-01-30 | CVE-2023-24622 | Server-Side Request Forgery (SSRF) vulnerability in Includesecurity Safeurl-Python 1.0 | isInList in the safeurl-python package before 1.2 for Python has an insufficiently restrictive regular expression for external domains, leading to SSRF. | network | low | includesecurity | CWE-918 | 5.3 |
| 2023-01-30 | CVE-2023-24623 | Server-Side Request Forgery (SSRF) vulnerability in Paranoidhttp Project Paranoidhttp 0.1.0/0.2.0 | Paranoidhttp before 0.3.0 allows SSRF because [::] is equivalent to the 127.0.0.1 address, but does not match the filter for private addresses. | network | low | paranoidhttp-project | CWE-918 | 7.5 |
| 2023-01-27 | CVE-2022-4201 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab | A blind SSRF in GitLab CE/EE affecting all from 11.3 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 allows an attacker to connect to local addresses when configuring a malicious GitLab Runner. | network | low | gitlab | CWE-918 | 5.3 |
| 2023-01-27 | CVE-2022-4335 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab | A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host. | network | low | gitlab | CWE-918 | 4.3 |
| 2023-01-27 | CVE-2023-24060 | Server-Side Request Forgery (SSRF) vulnerability in Havenweb Haven 5D15944 | Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. | network | low | havenweb | CWE-918 | 5.0 |
| 2023-01-26 | CVE-2022-46998 | Server-Side Request Forgery (SSRF) vulnerability in Taogogo Taocms 3.0.2 | An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF). | network | low | taogogo | CWE-918 | 9.8 (critical) |