Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-12 | CVE-2022-35949 | Server-Side Request Forgery (SSRF) vulnerability in Nodejs Undici undici is an HTTP/1.1 client, written from scratch for Node.js.`undici` is vulnerable to SSRF (Server-side Request Forgery) when an application takes in **user input** into the `path/pathname` option of `undici.request`. | 9.8 |
2022-08-10 | CVE-2022-2756 | Server-Side Request Forgery (SSRF) vulnerability in Kavitareader Kavita Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1. | 6.5 |
2022-08-01 | CVE-2022-31188 | Server-Side Request Forgery (SSRF) vulnerability in Cvat CVAT is an opensource interactive video and image annotation tool for computer vision. | 9.8 |
2022-07-28 | CVE-2022-36997 | Server-Side Request Forgery (SSRF) vulnerability in Veritas products An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). | 8.8 |
2022-07-07 | CVE-2022-2339 | Server-Side Request Forgery (SSRF) vulnerability in Xgenecloud Nocodb With this SSRF vulnerability, an attacker can reach internal addresses to make a request as the server and read it's contents. | 5.0 |
2022-07-01 | CVE-2022-25876 | Server-Side Request Forgery (SSRF) vulnerability in Link-Preview-Js Project Link-Preview-Js The package link-preview-js before 2.1.16 are vulnerable to Server-side Request Forgery (SSRF) which allows attackers to send arbitrary requests to the local network and read the response. | 2.1 |
2022-06-30 | CVE-2022-26135 | Server-Side Request Forgery (SSRF) vulnerability in Atlassian products A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. | 4.0 |
2022-06-28 | CVE-2022-0085 | Server-Side Request Forgery (SSRF) vulnerability in Dompdf Project Dompdf Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0. | 4.3 |
2022-06-28 | CVE-2017-20106 | Server-Side Request Forgery (SSRF) vulnerability in Khoros Lithium Forum 2017 A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. | 3.6 |
2022-06-27 | CVE-2022-32995 | Server-Side Request Forgery (SSRF) vulnerability in Halo 1.5.3 Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function. | 7.5 |