CWE-918

2,642 CVEs • Abstraction: Base

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.


CVEs (2,642; 20 shown)

Vendors (1): Gitlab | Products (1): Gitlab
Published: Dec 30, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 5.0 MEDIUM | v2 4.0 MEDIUM
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF.

Vendors (1): Liquidpixels | Products (1): Liquifire Os
Published: Dec 29, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 6.5 MEDIUM | v2 6.4 MEDIUM
LiquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substring followed by a URL in square brackets.

Vendors (1): Halo | Products (1): Halo
Published: Dec 26, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 7.2 HIGH | v2 6.5 MEDIUM
Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration.

Vendors (1): Symantec | Products (1): Messaging Gateway
Published: Dec 11, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 7.3 HIGH | v2 7.5 HIGH
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface.

Vendors (1): Enghouse | Products (1): Web Chat
Published: Nov 13, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 7.5 HIGH
An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31. In any POST request, one can replace the port number at WebServiceLocation=http://localhost:8085/UCWebServices/ with a range of ports to determine what is visible on the internal network (as opposed to what general web traffic would see on the product's host). The response from open ports is different than from closed ports. The product does not allow one to change the protocol: anything except http(s) will throw an error; however, it is the type of error that allows one to determine if a port is open or not.

Vendors (1): Magento | Products (1): Magento
Published: Nov 6, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 7.2 HIGH | v2 6.5 MEDIUM
A server-side request forgery (SSRF) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to modify store configurations can manipulate the connector api endpoint to enable remote code execution.

Vendors (1): Magento | Products (1): Magento
Published: Nov 6, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 7.2 HIGH | v2 6.5 MEDIUM
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to manipulate shipment settings can execute arbitrary code through server-side request forgery due to unsafe handling of a carrier gateway.

Vendors (1): Igniterealtime | Products (1): Openfire
Published: Oct 24, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 7.5 HIGH
A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests.

Vendors (1): Thycotic | Products (1): Secret Server
Published: Oct 23, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 7.5 HIGH
An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7.

Vendors (1): Universal Office Converter Project | Products (1): Universal Office Converter
Published: Oct 21, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 7.5 HIGH | v2 5.0 MEDIUM
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.

Vendors (2): Debian, Wordpress | Products (2): Debian Linux, Wordpress
Published: Oct 17, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 7.5 HIGH
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.

Vendors (2): Debian, Wordpress | Products (2): Debian Linux, Wordpress
Published: Oct 17, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 7.5 HIGH
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.

Vendors (1): Open Xchange | Products (1): Open Xchange Appsuite
Published: Oct 14, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 5.4 MEDIUM | v2 5.5 MEDIUM
OX App Suite 7.10.1 and 7.10.2 allows SSRF.

Vendors (1): Graphite Project | Products (1): Graphite
Published: Oct 11, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 7.5 HIGH | v2 5.0 MEDIUM
send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.

Vendors (1): Zingbox | Products (1): Inspector
Published: Oct 9, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 5.3 MEDIUM | v2 5.0 MEDIUM
A security vulnerability exists in the Zingbox Inspector versions 1.294 and earlier, that can allow an attacker to easily identify instances of Zingbox Inspectors in a local area network.

Vendors (1): Tcpdump | Products (1): Libpcap
Published: Oct 3, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 5.3 MEDIUM | v2 5.0 MEDIUM
rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.

Vendors (1): Salesagility | Products (1): Suitecrm
Published: Oct 2, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 7.5 HIGH
SalesAgility SuiteCRM 7.10.x before 7.10.19 and 7.11.x before 7.11.7 has SSRF.

Vendors (1): Themeisle | Products (1): Visualizer
Published: Sep 30, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 10.0 CRITICAL | v2 5.8 MEDIUM
A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data.

Vendors (1): Ibm | Products (1): Qradar Security Information And Event Manager
Published: Sep 26, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 5.3 MEDIUM | v2 5.0 MEDIUM
IBM QRadar SIEM 7.2 and 7.3 is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the QRadar system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 160014.

Vendors (1): Pydio | Products (1): Pydio
Published: Sep 19, 2019 | Updated: Nov 21, 2024
CVSS: v4 N/A | v3 7.7 HIGH | v2 4.0 MEDIUM
Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature download. An attacker can specify an intranet address in the file parameter to index.php, when sending a file to a remote server, as demonstrated by the file=http%3A%2F%2F192.168.1.2 substring.
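The CWE-918 description at the top of this page says the fetcher must "sufficiently ensure that the request is being sent to the expected destination"; several entries above show what insufficient looks like: a loopback host with an attacker-chosen port (Enghouse Web Chat), a percent-encoded intranet address in a parameter (Pydio), and a hostname that is really a hex-spelled IP address (WordPress before 5.2.4). The following is an added example written for this page, not code from the CWE entry or from any vendor listed above. It puts a typical substring-blocklist check (naive_allowed) beside a destination check (check_destination) that decodes the numeric IPv4 spellings inet_aton-style resolvers accept, resolves hostnames, and rejects any address that is not publicly routable. It goes beyond the entries above by also covering credentials in the URL authority (user@host) and IPv4-mapped IPv6 literals. The function names, the resolver injection, and FAKE_DNS are assumptions of this example; FAKE_DNS is constructed so the code runs offline and is not real DNS data.

```python
"""Destination check for a server-side URL fetcher (added example, not code
from the CWE/CVE page or any listed vendor)."""
from __future__ import annotations

import ipaddress
import re
import socket
from typing import Callable, Iterable
from urllib.parse import unquote, urlsplit

ALLOWED_SCHEMES = {"http", "https"}
_NUMERIC = re.compile(r"^[0-9a-fx]+(\.[0-9a-fx]+){0,3}$")  # urlsplit() lowercases the host


def naive_allowed(url: str) -> bool:
    """The kind of check the entries above get past: scheme prefix plus a substring
    blocklist.  It misses hex/octal/integer IP spellings, user@host authorities and
    whatever a hostname actually resolves to."""
    lowered = url.lower()
    blocked = ("localhost", "127.0.0.1", "192.168.", "10.", "169.254.")
    return lowered.startswith(("http://", "https://")) and not any(b in lowered for b in blocked)


def _component(p: str) -> int:
    if p.startswith("0x"):
        return int(p[2:], 16)
    if len(p) > 1 and p[0] == "0":
        return int(p, 8)
    return int(p, 10)


def parse_numeric_host(host: str) -> ipaddress.IPv4Address | None:
    """Decode the IPv4 spellings inet_aton-style resolvers accept (127.0.0.1,
    0x7f000001, 0177.0.0.1, 2130706433, 127.1); None for anything else.  The
    strict ipaddress module rejects all but the dotted-decimal form."""
    if not _NUMERIC.match(host):
        return None
    try:
        nums = [_component(p) for p in host.split(".")]
    except ValueError:
        return None
    widths = {1: (32,), 2: (8, 24), 3: (8, 8, 16), 4: (8, 8, 8, 8)}[len(nums)]
    value = 0
    for n, w in zip(nums, widths):
        if n >= 1 << w:
            return None
        value = (value << w) | n
    return ipaddress.IPv4Address(value)


def _system_resolve(host: str) -> list[str]:
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def check_destination(url: str, resolve: Callable[[str], Iterable[str]] = _system_resolve) -> tuple[bool, str]:
    """Return (allowed, reason).  Every address the host maps to must be public;
    `resolve` is injectable so the check can be exercised offline."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    try:
        host, _ = parts.hostname, parts.port  # .port raises ValueError on a malformed port
    except ValueError:
        return False, "malformed port"
    if not host:
        return False, "empty host"
    literal = parse_numeric_host(host)  # hostname already has brackets and userinfo stripped
    if literal is None:
        try:
            literal = ipaddress.ip_address(host)  # IPv6 literal such as ::1
        except ValueError:
            literal = None
    try:
        addrs = [literal] if literal is not None else [ipaddress.ip_address(a) for a in resolve(host)]
    except (OSError, ValueError):
        return False, f"cannot resolve {host!r}"
    if not addrs:
        return False, f"cannot resolve {host!r}"
    for addr in addrs:
        target = getattr(addr, "ipv4_mapped", None) or addr  # ::ffff:127.0.0.1 -> 127.0.0.1
        if target.is_multicast or not target.is_global:
            return False, f"{host!r} -> {addr} is not a public address"
    return True, "ok"


# Constructed resolver so the example runs offline; not real DNS data.
FAKE_DNS = {
    "www.example.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1"],
    "intranet.example": ["10.0.0.5"],
    "rebind.example": ["93.184.216.34", "127.0.0.1"],  # one public answer, one loopback
}


def fake_resolve(host: str) -> list[str]:
    return FAKE_DNS.get(host, [])


if __name__ == "__main__":
    for url in ("https://www.example.com/feed", "http://localhost:8085/UCWebServices/",
                "http://0x7f000001/", "http://127.1/", "http://0177.0.0.1/",
                "http://169.254.169.254/latest/meta-data/", "http://www.example.com@127.0.0.1/",
                unquote("http%3A%2F%2F192.168.1.2"), "http://[::ffff:127.0.0.1]/",
                "http://rebind.example/", "file:///etc/passwd"):
        print(f"naive={naive_allowed(url)!s:5} hardened={check_destination(url, fake_resolve)} {url}")
```

Two caveats the check itself cannot cover. First, it validates the addresses returned at check time; if the fetch resolves the name again, a DNS answer that changes between the two lookups (rebinding) defeats it, so the fetcher should connect to the address that was validated rather than to the name. Second, the same check has to run on every hop of a redirect chain, since an allowed public host can answer with a 302 to a loopback or link-local target.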