Vulnerabilities > Server-Side Request Forgery (SSRF)

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2022-04-19 | CVE-2022-24825 | Server-Side Request Forgery (SSRF) vulnerability in Stripe Smokescreen 0.0.2 | Smokescreen is a simple HTTP proxy that fogs over naughty URLs. | network, low complexity, stripe, CWE-918 | 5.3 |
| 2022-04-19 | CVE-2022-29153 | Server-Side Request Forgery (SSRF) vulnerability in multiple products | HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. | network, low complexity, hashicorp, fedoraproject, CWE-918 | 7.5 |
| 2022-04-15 | CVE-2022-27426 | Server-Side Request Forgery (SSRF) vulnerability in Chamilo LMS | A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows attackers to enumerate the internal network and execute arbitrary system commands via a crafted Phar file. | network, low complexity, chamilo, CWE-918 | 8.8 |
| 2022-04-15 | CVE-2022-26499 | Server-Side Request Forgery (SSRF) vulnerability in multiple products | An SSRF issue was discovered in Asterisk through 19.x. | network, low complexity, digium, debian, CWE-918 | 9.1 (critical) |
| 2022-04-08 | CVE-2022-22339 | Server-Side Request Forgery (SSRF) vulnerability in IBM Planning Analytics 2.0 | IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). | network, low complexity, ibm, CWE-918 | 7.3 |
| 2022-04-07 | CVE-2021-36202 | Server-Side Request Forgery (SSRF) vulnerability in Johnsoncontrols products | Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. | network, low complexity, johnsoncontrols, CWE-918 | 8.8 |
| 2022-04-07 | CVE-2020-27375 | Server-Side Request Forgery (SSRF) vulnerability in Drtrustusa Icheck Connect BP Monitor BP Testing 118 Firmware 1.2.1 | Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting Write Requests and Chars. | low complexity, drtrustusa, CWE-918 | 6.5 |
| 2022-04-04 | CVE-2022-1188 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab | An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible. | network, low complexity, gitlab, CWE-918 | 5.3 |
| 2022-04-01 | CVE-2022-0425 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab | A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks. | network, low complexity, gitlab, CWE-918 | 7.6 |
| 2022-03-30 | CVE-2021-33581 | Server-Side Request Forgery (SSRF) vulnerability in Softwareag Mashzone Nextgen 10.7 | MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows an attacker to interact with arbitrary TCP services, by abusing the feature to check the availability of a PPM connection. | network, low complexity, softwareag, CWE-918 | 7.2 |