Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-17 | CVE-2022-28616 | Server-Side Request Forgery (SSRF) vulnerability in HP Oneview A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. | 9.8 |
| 2022-05-17 | CVE-2022-1711 | Server-Side Request Forgery (SSRF) vulnerability in Diagrams Drawio Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.5. | 7.5 |
| 2022-05-17 | CVE-2022-1723 | Server-Side Request Forgery (SSRF) vulnerability in Diagrams Drawio Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.6. | 7.5 |
| 2022-05-16 | CVE-2022-23668 | Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Clearpass Policy Manager A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. | 4.9 |
| 2022-05-16 | CVE-2022-1713 | Server-Side Request Forgery (SSRF) vulnerability in Diagrams Drawio SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. | 7.5 |
| 2022-05-16 | CVE-2022-1722 | Server-Side Request Forgery (SSRF) vulnerability in Diagrams Drawio SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. | 3.3 |
| 2022-05-15 | CVE-2022-30049 | Server-Side Request Forgery (SSRF) vulnerability in Ruifang-Tech Rebuild 2.8.3 A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attackers to obtain the real IP address and scan Intranet information via the fileurl parameter. | 7.5 |
| 2022-05-14 | CVE-2022-1379 | Server-Side Request Forgery (SSRF) vulnerability in multiple products URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. | 9.1 |
| 2022-05-13 | CVE-2020-22983 | Server-Side Request Forgery (SSRF) vulnerability in Microstrategy web A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task. | 8.1 |
| 2022-05-11 | CVE-2022-29847 | Server-Side Request Forgery (SSRF) vulnerability in Progress Whatsup Gold 21.1.0/21.1.1/22.0.0 In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host. | 7.5 |