Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-08 | CVE-2022-0508 | Server-Side Request Forgery (SSRF) vulnerability in Framasoft Peertube Server-Side Request Forgery (SSRF) in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832 | 5.0 |
2022-02-06 | CVE-2022-23206 | Server-Side Request Forgery (SSRF) vulnerability in Apache Traffic Control In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach. | 5.0 |
2022-02-04 | CVE-2022-24129 | Server-Side Request Forgery (SSRF) vulnerability in Shibboleth Oidc OP The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. | 6.4 |
2022-02-02 | CVE-2021-42637 | Server-Side Request Forgery (SSRF) vulnerability in Printerlogic web Stack 19.1.1.13 PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability. | 7.5 |
2022-01-30 | CVE-2022-0339 | Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16. | 7.5 |
2022-01-28 | CVE-2021-22821 | Server-Side Request Forgery (SSRF) vulnerability in Schneider-Electric products A CWE-918 Server-Side Request Forgery (SSRF) vulnerability exists that could cause the station web server to forward requests to unintended network targets when crafted malicious parameters are submitted to the charging station web server. | 5.0 |
2022-01-28 | CVE-2022-22993 | Server-Side Request Forgery (SSRF) vulnerability in Westerndigital MY Cloud OS A limited SSRF vulnerability was discovered on Western Digital My Cloud devices that could allow an attacker to impersonate a server and reach any page on the server by bypassing access controls. | 8.3 |
2022-01-25 | CVE-2022-21697 | Server-Side Request Forgery (SSRF) vulnerability in Jupyter Server Proxy Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. | 5.5 |
2022-01-24 | CVE-2021-36349 | Server-Side Request Forgery (SSRF) vulnerability in Dell EMC Data Protection Central Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery vulnerability in the DPC DNS client processing. | 4.0 |
2022-01-21 | CVE-2021-23664 | Server-Side Request Forgery (SSRF) vulnerability in Isomorphic-Git Cors-Proxy The package @isomorphic-git/cors-proxy before 2.7.1 are vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js. | 5.0 |