Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-11 | CVE-2020-14296 | Server-Side Request Forgery (SSRF) vulnerability in Redhat Cloudforms Management Engine 4.7/5.0 Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. | 5.5 |
2020-08-10 | CVE-2020-13295 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab Runner For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF. | 6.5 |
2020-08-09 | CVE-2020-16248 | Server-Side Request Forgery (SSRF) vulnerability in Prometheus Blackbox Exporter Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. | 5.8 |
2020-08-08 | CVE-2020-15823 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component. | 5.0 |
2020-08-08 | CVE-2020-15819 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports. | 5.0 |
2020-07-28 | CVE-2020-13970 | Server-Side Request Forgery (SSRF) vulnerability in Shopware Shopware before 6.2.3 is vulnerable to a Server-Side Request Forgery (SSRF) in its "Mediabrowser upload by URL" feature. | 6.5 |
2020-07-21 | CVE-2020-15879 | Server-Side Request Forgery (SSRF) vulnerability in Bitwarden Server 1.35.1 Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16). | 5.0 |
2020-07-20 | CVE-2020-8205 | Server-Side Request Forgery (SSRF) vulnerability in Transloadit Uppy The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems. | 5.0 |
2020-07-15 | CVE-2020-13788 | Server-Side Request Forgery (SSRF) vulnerability in Linuxfoundation Harbor Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet. | 4.0 |
2020-07-14 | CVE-2020-6282 | Server-Side Request Forgery (SSRF) vulnerability in SAP Netweaver Application Server Java SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. | 5.0 |