CWE-918

2,678 CVEs • Abstraction: Base

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVEs (2,678)

Each entry below lists the vendor and product columns (with the count shown in the listing), the updated and published dates, the CVSS v4 / v3 / v2 scores, and the full CVE description. CVE identifiers were not present in the extracted listing and are therefore omitted.

Vendors (1): Transloadit
Products (1): Uppy
Updated: Feb 24, 2026 · Published: Mar 3, 2022
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1.

Vendors (1): Alltubedownload
Products (1): Alltube
Updated: Nov 21, 2024 · Published: Feb 28, 2022
CVSS: v4 N/A · v3 9.1 CRITICAL · v2 6.4 MEDIUM
Server-Side Request Forgery (SSRF) in GitHub repository rudloff/alltube prior to 3.0.2.

Vendors (1): Jetbrains
Products (1): Hub
Updated: Nov 21, 2024 · Published: Feb 25, 2022
CVSS: v4 N/A · v3 9.1 CRITICAL · v2 6.4 MEDIUM
JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF).

Vendors (1): Jetbrains
Products (1): Teamcity
Updated: Nov 21, 2024 · Published: Feb 25, 2022
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
In JetBrains TeamCity before 2021.2, blind SSRF via an XML-RPC call was possible.

Vendors (1): Kitodo
Products (1): Kitodo.presentation
Updated: Nov 21, 2024 · Published: Feb 19, 2022
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
An issue was discovered in the Kitodo.Presentation (aka dif) extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to view the content of any file or webpage the webserver has access to.

Vendors (1): Airspan
Products (5): A5x Firmware, C5c Firmware, C5x Firmware, and 2 more
Updated: Nov 21, 2024 · Published: Feb 18, 2022
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 10.0 HIGH
This vulnerability could allow an attacker to force the server to create and execute a web request granting access to backend APIs that are only accessible to the Mimosa MMP server, or request pages that could perform some actions themselves. The attacker could force the server into accessing routes on those cloud-hosting platforms, accessing secret keys, changing configurations, etc. Affecting MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1.

Vendors (1): Redhat
Products (1): Vscode Xml
Updated: Nov 21, 2024 · Published: Feb 18, 2022
CVSS: v4 N/A · v3 9.1 CRITICAL · v2 6.4 MEDIUM
A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file.

Vendors (1): Redhat
Products (1): Enterprise Linux
Updated: Nov 21, 2024 · Published: Feb 18, 2022
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 10.0 HIGH
Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, cause a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be vulnerable to the mentioned CVEs, even if they were properly fixed in Red Hat Enterprise Linux 8.4. CVE-2021-20325 was assigned to that Red Hat specific security regression and it does not affect the upstream versions of httpd.

Vendors (1): Joinbookwyrm
Products (1): Bookwyrm
Updated: Nov 21, 2024 · Published: Feb 16, 2022
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
BookWyrm is a decentralized social network for tracking reading habits and reviewing books. The functionality to load a cover via URL is vulnerable to a server-side request forgery attack. Any BookWyrm instance running a version prior to v0.3.0 is susceptible to attack from a logged-in user. The problem has been patched and administrators should upgrade to version 0.3.0. As a workaround, BookWyrm instances can close registration and limit members to trusted individuals.

Vendors (1): Xxyopen
Products (1): Novel Plus
Updated: Nov 21, 2024 · Published: Feb 10, 2022
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
Novel-plus v3.6.0 was discovered to be vulnerable to Server-Side Request Forgery (SSRF) via user-supplied crafted input.

Vendors (1): Arangodb
Products (1): Arangodb
Updated: Nov 21, 2024 · Published: Feb 9, 2022
CVSS: v4 N/A · v3 2.7 LOW · v2 4.0 MEDIUM
In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. This feature does not enforce proper filtering of requests performed internally, which can be abused by a highly-privileged attacker to perform blind SSRF and send internal requests to localhost.

Vendors (1): Gitea
Products (1): Gitea
Updated: Nov 21, 2024 · Published: Feb 8, 2022
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
Server Side Request Forgery (SSRF) vulnerability exists in Gitea before 1.7.0 using the OpenID URL.

Vendors (1): Framasoft
Products (1): Peertube
Updated: Nov 21, 2024 · Published: Feb 8, 2022
CVSS: v4 N/A · v3 5.3 MEDIUM · v2 5.0 MEDIUM
Server-Side Request Forgery (SSRF) in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832.

Vendors (1): Apache
Products (1): Traffic Control
Updated: Nov 21, 2024 · Published: Feb 6, 2022
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach.

Vendors (1): Shibboleth
Products (1): Oidc Op
Updated: Nov 21, 2024 · Published: Feb 4, 2022
CVSS: v4 N/A · v3 8.2 HIGH · v2 6.4 MEDIUM
The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services.

Vendors (1): Printerlogic
Products (1): Web Stack
Updated: Nov 21, 2024 · Published: Feb 2, 2022
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability.

Vendors (1): Janeczku
Products (1): Calibre Web
Updated: Nov 21, 2024 · Published: Jan 30, 2022
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
Server-Side Request Forgery (SSRF) in PyPI calibreweb prior to 0.6.16.

Vendors (1): Westerndigital
Products (1): My Cloud Os
Updated: Nov 21, 2024 · Published: Jan 28, 2022
CVSS: v4 N/A · v3 8.8 HIGH · v2 8.3 HIGH
A limited SSRF vulnerability was discovered on Western Digital My Cloud devices that could allow an attacker to impersonate a server and reach any page on the server by bypassing access controls. The vulnerability was addressed by creating a whitelist for valid parameters.

Vendors (1): Schneider Electric
Products (6): Evlink City Evc1s22p4 Firmware, Evlink City Evc1s7p4 Firmware, Evlink Parking Evf2 Firmware, and 3 more
Updated: Nov 21, 2024 · Published: Jan 28, 2022
CVSS: v4 N/A · v3 8.6 HIGH · v2 5.0 MEDIUM
A CWE-918 Server-Side Request Forgery (SSRF) vulnerability exists that could cause the station web server to forward requests to unintended network targets when crafted malicious parameters are submitted to the charging station web server. Affected Products: EVlink City EVC1S22P4 / EVC1S7P4 (All versions prior to R8 V3.4.0.2), EVlink Parking EVW2 / EVF2 / EVP2PE (All versions prior to R8 V3.4.0.2), and EVlink Smart Wallbox EVB1A (All versions prior to R8 V3.4.0.2).

Vendors (1): Jupyter
Products (1): Jupyter Server Proxy
Updated: Nov 21, 2024 · Published: Jan 25, 2022
CVSS: v4 N/A · v3 7.1 HIGH · v2 5.5 MEDIUM
Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploying Jupyter Server or Notebook with the jupyter-proxy-server extension enabled is affected. A lack of input validation allows authenticated clients to proxy requests to other hosts, bypassing the `allowed_hosts` check. Because authentication is required, which already grants permissions to make the same requests via kernel or terminal execution, this is considered low to moderate severity. Users may upgrade to version 3.2.1 to receive a patch or, as a workaround, install the patch manually.