Vulnerabilities > Request Project

DATE CVE VULNERABILITY TITLE RISK
2023-03-16 CVE-2023-28155 Server-Side Request Forgery (SSRF) vulnerability in Request Project Request
The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP).
network
low complexity
request-project CWE-918
6.1
2018-06-04 CVE-2017-16026 Improper Input Validation vulnerability in Request Project Request
Request is an http client.
network
high complexity
request-project CWE-20
5.9