Total
1343 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14611 | 1 Agentejo | 1 Cockpit | 2022-08-18 | 6.4 MEDIUM | 9.1 CRITICAL |
| SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued aheinze/fetch_url_contents component. | |||||
| CVE-2022-37041 | 1 Zimbra | 1 Collaboration | 2022-08-16 | N/A | 7.5 HIGH |
| An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. The value of the X-Forwarded-Host header overwrites the value of the Host header in proxied requests. The value of X-Forwarded-Host header is not checked against the whitelist of hosts that ZCS is allowed to proxy to (the zimbraProxyAllowedDomains setting). | |||||
| CVE-2022-31132 | 1 Nextcloud | 1 Mail | 2022-08-10 | N/A | 9.8 CRITICAL |
| Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php` | |||||
| CVE-2022-31776 | 1 Ibm | 1 Datapower Gateway | 2022-08-04 | N/A | 8.8 HIGH |
| IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 228433. | |||||
| CVE-2021-29475 | 1 Hedgedoc | 1 Hedgedoc | 2022-08-03 | 5.8 MEDIUM | 10.0 CRITICAL |
| HedgeDoc (formerly known as CodiMD) is an open-source collaborative markdown editor. An attacker is able to receive arbitrary files from the file system when exporting a note to PDF. Since the code injection has to take place as note content, there fore this exploit requires the attackers ability to modify a note. This will affect all instances, which have pdf export enabled. This issue has been fixed by https://github.com/hedgedoc/hedgedoc/commit/c1789474020a6d668d616464cb2da5e90e123f65 and is available in version 1.5.0. Starting the CodiMD/HedgeDoc instance with `CMD_ALLOW_PDF_EXPORT=false` or set `"allowPDFExport": false` in config.json can mitigate this issue for those who cannot upgrade. This exploit works because while PhantomJS doesn't actually render the `file:///` references to the PDF file itself, it still uses them internally, and exfiltration is possible, and easy through JavaScript rendering. The impact is pretty bad, as the attacker is able to read the CodiMD/HedgeDoc `config.json` file as well any other files on the filesystem. Even though the suggested Docker deploy option doesn't have many interesting files itself, the `config.json` still often contains sensitive information, database credentials, and maybe OAuth secrets among other things. | |||||
| CVE-2021-43959 | 1 Atlassian | 2 Jira Service Desk, Jira Service Management | 2022-08-02 | N/A | 5.7 MEDIUM |
| Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability in the CSV importing feature of JSM Insight. When running in an environment like Amazon EC2, this flaw may be used to access to a metadata resource that provides access credentials and other potentially confidential information. The affected versions are before version 4.13.20, from version 4.14.0 before 4.20.8, and from version 4.21.0 before 4.22.2. | |||||
| CVE-2021-26072 | 1 Atlassian | 2 Confluence Data Center, Confluence Server | 2022-07-27 | 4.0 MEDIUM | 4.3 MEDIUM |
| The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability. | |||||
| CVE-2022-22416 | 1 Ibm | 2 Partner Engagement Manager, Partner Engagement Manager On Cloud\/saas | 2022-07-27 | N/A | 5.4 MEDIUM |
| IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 223126. | |||||
| CVE-2022-25800 | 1 Bestpractical | 1 Request Tracker For Incident Response | 2022-07-21 | N/A | 9.1 CRITICAL |
| Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool. | |||||
| CVE-2022-22982 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2022-07-20 | N/A | 7.5 HIGH |
| The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service. | |||||
| CVE-2022-25801 | 1 Bestpractical | 1 Request Tracker For Incident Response | 2022-07-20 | N/A | 9.1 CRITICAL |
| Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools. | |||||
| CVE-2022-2339 | 1 Xgenecloud | 1 Nocodb | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| With this SSRF vulnerability, an attacker can reach internal addresses to make a request as the server and read it's contents. This attack can lead to leak of sensitive information. | |||||
| CVE-2022-25876 | 1 Link-preview-js Project | 1 Link-preview-js | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| The package link-preview-js before 2.1.16 are vulnerable to Server-side Request Forgery (SSRF) which allows attackers to send arbitrary requests to the local network and read the response. This is due to flawed DNS rebinding protection. | |||||
| CVE-2021-27214 | 1 Zohocorp | 1 Manageengine Adselfservice Plus | 2022-07-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Server-side request forgery (SSRF) vulnerability in the ProductConfig servlet in Zoho ManageEngine ADSelfService Plus through 6013 allows a remote unauthenticated attacker to perform blind HTTP requests or perform a Cross-site scripting (XSS) attack against the administrative interface via an HTTP request, a different vulnerability than CVE-2019-3905. | |||||
| CVE-2021-45968 | 2 Jivesoftware, Pascom | 2 Jive, Cloud Phone System | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in xmppserver jar in the XMPP Server component of the JIve platform, as used in Pascom Cloud Phone System before 7.20.x (and in other products). An endpoint in the backend Tomcat server of the Pascom allows SSRF, a related issue to CVE-2019-18394. | |||||
| CVE-2021-45394 | 1 Html2pdf Project | 1 Html2pdf | 2022-07-12 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Spipu HTML2PDF before 5.2.4. Attackers can trigger deserialization of arbitrary data via the injection of a malicious <link> tag in the converted HTML document. | |||||
| CVE-2017-20106 | 1 Khoros | 1 Lithium Forum | 2022-07-08 | 3.6 LOW | 4.4 MEDIUM |
| A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument upload_url leads to server-side request forgery. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-0085 | 1 Dompdf Project | 1 Dompdf | 2022-07-07 | 4.3 MEDIUM | 5.3 MEDIUM |
| Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0. | |||||
| CVE-2022-32995 | 1 Halo | 1 Halo | 2022-07-06 | 7.5 HIGH | 9.8 CRITICAL |
| Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function. | |||||
| CVE-2022-2216 | 1 Parse-url Project | 1 Parse-url | 2022-07-06 | 7.5 HIGH | 9.8 CRITICAL |
| Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0. | |||||