Total
774 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5464 | 1 Gitlab | 1 Gitlab | 2020-01-31 | 7.5 HIGH | 9.8 CRITICAL |
| A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized. | |||||
| CVE-2019-19835 | 1 Ruckuswireless | 17 C110, E510, H320 and 14 more | 2020-01-27 | 5.0 MEDIUM | 7.5 HIGH |
| SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI. | |||||
| CVE-2020-1925 | 1 Apache | 1 Olingo | 2020-01-15 | 5.0 MEDIUM | 7.5 HIGH |
| Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can make the client call any URL including internal resources which are not directly accessible by the attacker. | |||||
| CVE-2019-19261 | 1 Gitlab | 1 Gitlab | 2020-01-09 | 6.8 MEDIUM | 8.8 HIGH |
| GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF. | |||||
| CVE-2019-19999 | 1 Halo | 1 Halo | 2020-01-08 | 6.5 MEDIUM | 7.2 HIGH |
| Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration. | |||||
| CVE-2018-20497 | 1 Gitlab | 1 Gitlab | 2020-01-08 | 4.0 MEDIUM | 5.0 MEDIUM |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF. | |||||
| CVE-2018-20499 | 1 Gitlab | 1 Gitlab | 2020-01-07 | 6.4 MEDIUM | 7.2 HIGH |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF. | |||||
| CVE-2019-20055 | 1 Liquidpixels | 1 Liquifire Os | 2020-01-02 | 6.4 MEDIUM | 6.5 MEDIUM |
| LuquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substring followed by a URL in square brackets. | |||||
| CVE-2019-18379 | 1 Symantec | 1 Messaging Gateway | 2019-12-13 | 7.5 HIGH | 7.3 HIGH |
| Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface. | |||||
| CVE-2019-16948 | 1 Enghouse | 1 Web Chat | 2019-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31. In any POST request, one can replace the port number at WebServiceLocation=http://localhost:8085/UCWebServices/ with a range of ports to determine what is visible on the internal network (as opposed to what general web traffic would see on the product's host). The response from open ports is different than from closed ports. The product does not allow one to change the protocol: anything except http(s) will throw an error; however, it is the type of error that allows one to determine if a port is open or not. | |||||
| CVE-2019-8156 | 1 Magento | 1 Magento | 2019-11-07 | 6.5 MEDIUM | 7.2 HIGH |
| A server-side request forgery (SSRF) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to modify store configurations can manipulate the connector api endpoint to enable remote code execution. | |||||
| CVE-2019-8151 | 1 Magento | 1 Magento | 2019-11-07 | 6.5 MEDIUM | 7.2 HIGH |
| A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to manipulate shippment settings can execute arbitrary code through server-side request forgery due to unsafe handling of a carrier gateway. | |||||
| CVE-2019-4262 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2019-10-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM QRadar SIEM 7.2 and 7.3 is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the QRadar system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 160014. | |||||
| CVE-2019-18355 | 1 Thycotic | 1 Secret Server | 2019-10-30 | 7.5 HIGH | 9.8 CRITICAL |
| An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7. | |||||
| CVE-2019-15164 | 1 Tcpdump | 1 Libpcap | 2019-10-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. | |||||
| CVE-2019-17400 | 1 Universal Office Converter Project | 1 Universal Office Converter | 2019-10-23 | 5.0 MEDIUM | 7.5 HIGH |
| The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. | |||||
| CVE-2017-18638 | 1 Graphite Project | 1 Graphite | 2019-10-21 | 5.0 MEDIUM | 7.5 HIGH |
| send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information. | |||||
| CVE-2019-14225 | 1 Open-xchange | 1 Open-xchange Appsuite | 2019-10-16 | 5.5 MEDIUM | 5.4 MEDIUM |
| OX App Suite 7.10.1 and 7.10.2 allows SSRF. | |||||
| CVE-2016-7051 | 1 Fasterxml | 1 Jackson-dataformat-xml | 2019-10-10 | 5.0 MEDIUM | 8.6 HIGH |
| XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD. | |||||
| CVE-2019-3809 | 1 Moodle | 1 Moodle | 2019-10-09 | 7.5 HIGH | 10.0 CRITICAL |
| A flaw was found in Moodle versions 3.1 to 3.1.15 and earlier unsupported versions. The mybackpack functionality allowed setting the URL of badges, when it should be restricted to the Mozilla Open Badges backpack URL. This resulted in the possibility of blind SSRF via requests made by the page. | |||||