Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVEs (2,679)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-26494 1Tableau 1Tableau Server Oct 29, 2025 Feb 11, 2025 N/A· v4 7.7 HIGH· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server allows Authentication Bypass.This issue affects Tableau Server: from 2023.3 through 2023.3.5.
CVE-2025-22399 1Dell 1Utility Configuration Collector Edge Dec 6, 2025 Feb 11, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request fo...Show more Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgeryShow less
CVE-2024-52606 1Solarwinds 1Solarwinds Platform Feb 25, 2025 Feb 11, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SolarWinds Platform is affected by server-side request forgery vulnerability. Proper input sanitation was not applied allowing for the possibility of a malicious web request.
CVE-2025-1211 - - Apr 29, 2026 Feb 11, 2025 2.9 LOW· v4 6.5 MEDIUM· v3 N/A· v2 Versions of the package hackney before 1.21.0 are vulnerable to Server-side Request Forgery (SSRF) due to improper parsing of URLs by URI built-in module and hackey. Given the URL http://127.0.0.1?@127.2.2.2/, the URI fu...Show more Versions of the package hackney before 1.21.0 are vulnerable to Server-side Request Forgery (SSRF) due to improper parsing of URLs by URI built-in module and hackey. Given the URL http://127.0.0.1?@127.2.2.2/, the URI function will parse and see the host as 127.0.0.1 (which is correct), and hackney will refer the host as 127.2.2.2/. This vulnerability can be exploited when users rely on the URL function for host checking.Show less
CVE-2025-25194 - - Feb 10, 2025 Feb 10, 2025 N/A· v4 4.0 MEDIUM· v3 N/A· v2 Lemmy, a link aggregator and forum for the fediverse, is vulnerable to server-side request forgery via a dependency on activitypub_federation, a framework for ActivityPub federation in Rust. This vulnerability, which is...Show more Lemmy, a link aggregator and forum for the fediverse, is vulnerable to server-side request forgery via a dependency on activitypub_federation, a framework for ActivityPub federation in Rust. This vulnerability, which is present in versions 0.6.2 and prior of activitypub_federation and versions 0.19.8 and prior of Lemmy, allows a user to bypass any predefined hardcoded URL path or security anti-Localhost mechanism and perform an arbitrary GET request to any Host, Port and URL using a Webfinger Request. As of time of publication, a fix has not been made available.Show less
CVE-2025-21177 1Microsoft 1Dynamics 365 Sales Feb 11, 2025 Feb 6, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network.
CVE-2024-56471 1Ibm 1Aspera Shares Mar 7, 2025 Feb 5, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enum...Show more IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.Show less
CVE-2024-56470 1Ibm 1Aspera Shares Mar 7, 2025 Feb 5, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enum...Show more IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.Show less
CVE-2025-25065 1Synacor 1Zimbra Collaboration Suite Jun 11, 2025 Feb 3, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints.
CVE-2025-22701 - - Apr 23, 2026 Feb 3, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in shinetheme Traveler Layout Essential For Elementor traveler-layout-essential-for-elementor.This issue affects Traveler Layout Essential For Elementor: from n/a through...Show more Server-Side Request Forgery (SSRF) vulnerability in shinetheme Traveler Layout Essential For Elementor traveler-layout-essential-for-elementor.This issue affects Traveler Layout Essential For Elementor: from n/a through < 1.4.Show less
CVE-2024-44055 - - Apr 23, 2026 Jan 31, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in brandexponents Oshine Modules oshine-modules.This issue affects Oshine Modules: from n/a through < 3.3.8.
CVE-2023-6195 1Gitlab 1Gitlab Aug 5, 2025 Jan 31, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.5 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. GitLab was vulnerable to Server Side...Show more An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.5 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. GitLab was vulnerable to Server Side Request Forgery when an attacker uses a malicious URL in the markdown image value when importing a GitHub repository.Show less
CVE-2025-24354 - - Jan 27, 2025 Jan 27, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host...Show more imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2.Show less
CVE-2024-10705 1Themeisle 1Multiple Page Generator Feb 4, 2025 Jan 26, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpg_download_file_by_link' function. This makes it possible...Show more The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpg_download_file_by_link' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.Show less
CVE-2024-13450 1Bitapps 1Contact Form Builder Feb 4, 2025 Jan 25, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and inc...Show more The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.17.4 via the Webhooks integration. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. The vulnerability can also be exploited in Multisite environments.Show less
CVE-2025-24703 - - Apr 23, 2026 Jan 24, 2025 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in Ronald Huereca Comment Edit Core – Simple Comment Editing simple-comment-editing allows Server Side Request Forgery.This issue affects Comment Edit Core – Simple Commen...Show more Server-Side Request Forgery (SSRF) vulnerability in Ronald Huereca Comment Edit Core – Simple Comment Editing simple-comment-editing allows Server Side Request Forgery.This issue affects Comment Edit Core – Simple Comment Editing: from n/a through <= 3.0.33.Show less
CVE-2025-24701 - - Apr 23, 2026 Jan 24, 2025 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in Bob Chained Quiz chained-quiz allows Server Side Request Forgery.This issue affects Chained Quiz: from n/a through <= 1.3.2.9.
CVE-2025-24695 1Hasthemes 1Extensions For Cf7 Apr 23, 2026 Jan 24, 2025 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Server Side Request Forgery.This issue affects Extensions For CF7: from n/a through <= 3.2.0.
CVE-2024-11913 1Buddydev 1Activity Plus Reloaded For Buddypress Feb 4, 2025 Jan 24, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Activity Plus Reloaded for BuddyPress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.1 via the 'ajax_preview_link' function. This makes it possible f...Show more The Activity Plus Reloaded for BuddyPress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.1 via the 'ajax_preview_link' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.Show less
CVE-2024-43710 1Elastic 1Kibana Sep 30, 2025 Jan 23, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A server side request forgery vulnerability was identified in Kibana where the /api/fleet/health_check API could be used to send requests to internal endpoints. Due to the nature of the underlying request, only endpoints...Show more A server side request forgery vulnerability was identified in Kibana where the /api/fleet/health_check API could be used to send requests to internal endpoints. Due to the nature of the underlying request, only endpoints available over https that return JSON could be accessed. This can be carried out by users with read access to Fleet.Show less

Previous 1...646566...134 Next