Vulnerabilities > Server-Side Request Forgery (SSRF)

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|
| 2022-03-30 | CVE-2022-27907 | Server-Side Request Forgery (SSRF) vulnerability in Sonatype Nexus Repository Manager | Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF. | sonatype | CWE-918 | network, low complexity, 4.3 |
| 2022-03-28 | CVE-2022-0136 | Server-Side Request Forgery (SSRF) vulnerability in GitLab | A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. | gitlab | CWE-918 | network, low complexity, 8.1 |
| 2022-03-28 | CVE-2022-0249 | Server-Side Request Forgery (SSRF) vulnerability in GitLab | A vulnerability was discovered in GitLab starting with version 12. | gitlab | CWE-918 | network, low complexity, critical, 9.1 |
| 2022-03-23 | CVE-2021-44139 | Server-Side Request Forgery (SSRF) vulnerability in HashiCorp Sentinel 1.8.2 | Sentinel 1.8.2 is vulnerable to Server-Side Request Forgery (SSRF). | hashicorp | CWE-918 | network, low complexity, 7.5 |
| 2022-03-18 | CVE-2022-27245 | Server-Side Request Forgery (SSRF) vulnerability in MISP | An issue was discovered in MISP before 2.4.156. | misp | CWE-918 | network, low complexity, 8.8 |
| 2022-03-18 | CVE-2021-45968 | Server-Side Request Forgery (SSRF) vulnerability in multiple products | An issue was discovered in xmppserver jar in the XMPP Server component of the Jive platform, as used in Pascom Cloud Phone System before 7.20.x (and in other products). | jivesoftware, pascom | CWE-918 | network, low complexity, 7.5 |
| 2022-03-17 | CVE-2021-46107 | Server-Side Request Forgery (SSRF) vulnerability in Ligeo-Archives Ligeo Basics 02012022 | Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to read any documents via the download features. | ligeo-archives | CWE-918 | network, low complexity, 7.5 |
| 2022-03-16 | CVE-2021-45851 | Server-Side Request Forgery (SSRF) vulnerability in Frangoteam Fuxa 1.1.3 | A Server-Side Request Forgery (SSRF) attack against FUXA 1.1.3 can expose sensitive information from the server's internal environment and services, which can in turn often lead to the attacker executing commands on the server. | frangoteam | CWE-918 | network, low complexity, 7.5 |
| 2022-03-14 | CVE-2021-39051 | Server-Side Request Forgery (SSRF) vulnerability in IBM Spectrum Copy Data Management | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request forgery, caused by improper input of application server registration function. | ibm | CWE-918 | network, low complexity, 6.5 |
| 2022-03-14 | CVE-2021-43954 | Server-Side Request Forgery (SSRF) vulnerability in Atlassian Crucible | The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed remote attackers who have the 'can add repository' permission to enumerate the existence of internal network and filesystem resources via a Server-Side Request Forgery (SSRF) vulnerability. | atlassian | CWE-918 | network, low complexity, 4.3 |