Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-07 | CVE-2020-24149 | Server-Side Request Forgery (SSRF) vulnerability in Secondline Podcast Importer Secondline 1.1.4 Server-side request forgery (SSRF) in the Podcast Importer SecondLine (podcast-importer-secondline) plugin 1.1.4 for WordPress via the podcast_feed parameter in a secondline_import_initialize action to the secondlinepodcastimport page. | 7.5 |
| 2021-07-02 | CVE-2021-35209 | Server-Side Request Forgery (SSRF) vulnerability in Zimbra Collaboration An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.x before 9.0.0 Patch 16. | 9.8 |
| 2021-07-02 | CVE-2021-32639 | Server-Side Request Forgery (SSRF) vulnerability in NSA Emissary Emissary is a P2P-based, data-driven workflow engine. | 9.9 |
| 2021-06-29 | CVE-2021-31531 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Servicedesk Plus MSP 10.5 Zoho ManageEngine ServiceDesk Plus MSP before 10521 is vulnerable to Server-Side Request Forgery (SSRF). | 9.8 |
| 2021-06-24 | CVE-2020-21788 | Server-Side Request Forgery (SSRF) vulnerability in Crmeb 3.1.0+ In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). | 4.3 |
| 2021-06-16 | CVE-2021-20483 | Server-Side Request Forgery (SSRF) vulnerability in IBM Security Identity Manager 6.0.2 IBM Security Identity Manager 6.0.2 is vulnerable to server-side request forgery (SSRF). | 6.5 |
| 2021-06-11 | CVE-2021-22175 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled | 9.8 |
| 2021-06-09 | CVE-2020-15377 | Server-Side Request Forgery (SSRF) vulnerability in Broadcom Sannav 2.1.0 Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF). | 9.8 |
| 2021-06-08 | CVE-2021-33571 | Server-Side Request Forgery (SSRF) vulnerability in multiple products In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. | 7.5 |
| 2021-06-08 | CVE-2021-22214 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is limited | 8.6 |