Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-20 | CVE-2020-8135 | Server-Side Request Forgery (SSRF) vulnerability in Uppy 1.9.1/1.9.2 The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems. | 7.5 |
2020-03-20 | CVE-2020-8134 | Server-Side Request Forgery (SSRF) vulnerability in Ghost Server-side request forgery (SSRF) vulnerability in Ghost CMS < 3.10.0 allows an attacker to scan local or external network or otherwise interact with internal systems. | 5.5 |
2020-03-13 | CVE-2020-10077 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab GitLab EE 3.0 through 12.8.1 allows SSRF. | 7.5 |
2020-03-10 | CVE-2019-13121 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2. | 5.0 |
2020-03-10 | CVE-2019-12443 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.2 through 11.11. | 7.5 |
2020-03-07 | CVE-2020-10212 | Server-Side Request Forgery (SSRF) vulnerability in Tecrail Responsive Filemanager 9.13.4/9.14.0 upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. | 7.5 |
2020-02-21 | CVE-2019-18846 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.2 allows SSRF. | 4.0 |
2020-02-18 | CVE-2020-7796 | Server-Side Request Forgery (SSRF) vulnerability in Synacor Zimbra Collaboration Suite Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled. | 6.8 |
2020-02-17 | CVE-2019-20474 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Remote Access Plus 10.0.447 An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. | 4.0 |
2020-02-14 | CVE-2020-8128 | Server-Side Request Forgery (SSRF) vulnerability in Jsreport An unintended require and server-side request forgery vulnerabilities in jsreport version 2.5.0 and earlier allow attackers to execute arbitrary code. | 7.5 |