Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-23 | CVE-2024-47222 | Server-Side Request Forgery (SSRF) vulnerability in Myoffice MY Office SDK New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 through 2.8 allows SSRF via manipulation of requests from external document storage via the MS-WOPI protocol. | 9.8 |
| 2024-09-23 | CVE-2024-47066 | Server-Side Request Forgery (SSRF) vulnerability in Lobehub Lobe Chat Lobe Chat is an open-source artificial intelligence chat framework. | 8.8 |
| 2024-09-18 | CVE-2022-25777 | Server-Side Request Forgery (SSRF) vulnerability in Acquia Mautic Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability. | 6.5 |
| 2024-09-17 | CVE-2024-47049 | Server-Side Request Forgery (SSRF) vulnerability in Czim File-Handling The czim/file-handling package before 1.5.0 and 2.x before 2.3.0 (used with PHP Composer) does not properly validate URLs within makeFromUrl and makeFromAny, leading to SSRF, and to directory traversal for the reading of local files. | 8.2 |
| 2024-09-13 | CVE-2024-6587 | Server-Side Request Forgery (SSRF) vulnerability in Litellm 1.38.10 A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. | 7.5 |
| 2024-09-12 | CVE-2024-8635 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab A server-side request forgery issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. | 6.5 |
| 2024-09-12 | CVE-2021-38132 | Server-Side Request Forgery (SSRF) vulnerability in Microfocus Edirectory Possible External Service Interaction attack in eDirectory has been discovered in OpenTextâ„¢ eDirectory. | 9.8 |
| 2024-09-10 | CVE-2024-44677 | Server-Side Request Forgery (SSRF) vulnerability in Eladmin 2.7 eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker to execute arbitrary code via the DatabaseController.java component. | 9.8 |
| 2024-09-05 | CVE-2024-24759 | Server-Side Request Forgery (SSRF) vulnerability in Mindsdb MindsDB is a platform for building artificial intelligence from enterprise data. | 9.1 |
| 2024-08-21 | CVE-2024-43371 | Server-Side Request Forgery (SSRF) vulnerability in Okfn Ckan CKAN is an open-source data management system for powering data hubs and data portals. | 6.5 |