Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-17 | CVE-2024-49312 | Server-Side Request Forgery (SSRF) vulnerability in Edwiser Bridge Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects Edwiser Bridge: from n/a through 3.0.7. | 8.6 |
| 2024-10-16 | CVE-2012-10018 | The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery in versions up to, and including 6.1, 1.0 respectively. | 8.3 |
| 2024-10-11 | CVE-2024-47830 | Server-Side Request Forgery (SSRF) vulnerability in Plane Plane is an open-source project management tool. | 5.8 |
| 2024-10-10 | CVE-2024-47167 | Server-Side Request Forgery (SSRF) vulnerability in Gradio Project Gradio Gradio is an open-source Python package designed for quick prototyping. | 9.8 |
| 2024-10-10 | CVE-2024-45119 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Commerce and Magento Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. | 4.9 |
| 2024-10-10 | CVE-2024-8977 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17.2.9, from 17.3 prior to 17.3.5, and from 17.4 prior to 17.4.2. | 8.1 |
| 2024-10-08 | CVE-2024-47008 | Server-Side Request Forgery (SSRF) vulnerability in Ivanti Avalanche Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information. | 7.5 |
| 2024-10-07 | CVE-2024-45291 | Server-Side Request Forgery (SSRF) vulnerability in PHPoffice PHPspreadsheet PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. | 8.8 |
| 2024-10-04 | CVE-2024-9410 | Server-Side Request Forgery (SSRF) vulnerability in ADA Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the use of a data scraping endpoint. | 5.3 |
| 2024-09-26 | CVE-2024-45843 | Server-Side Request Forgery (SSRF) vulnerability in Mattermost Server Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and Alibaba in the SSRF denylist, which allows an attacker to possibly cause an SSRF if Mattermost was deployed in Oracle Cloud or Alibaba. | 5.4 |