CWE-918

2,642 CVEs • Abstraction: Base

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.


CVEs (2,642)

Columns: CVE (identifier not shown in this listing) · Vendors · Products · Updated · Published · CVSS (v4 / v3 / v2) · Description. A leading number in the original listing is the count of affected vendors or products.

phpBB · phpBB
Updated Nov 21, 2024 · Published May 5, 2019 · CVSS v4 N/A · v3 5.8 MEDIUM · v2 5.0 MEDIUM
Server side request forgery (SSRF) in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function.

Apache, Oracle · 37 products: Agile Engineering Data Management, Agile Product Lifecycle Management, Application Testing Suite, +34 more
Updated May 8, 2025 · Published May 1, 2019 · CVSS v4 N/A · v3 7.5 HIGH · v2 5.4 MEDIUM
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits continue in the project's Axis 1.x Subversion repository; legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.

Synacor · Zimbra Collaboration Suite
Updated Nov 4, 2025 · Published Apr 30, 2019 · CVSS v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component.

Print My Blog Project · Print My Blog
Updated Nov 21, 2024 · Published Apr 27, 2019 · CVSS v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter.

GitLab · GitLab
Updated Nov 21, 2024 · Published Apr 17, 2019 · CVSS v4 N/A · v3 10.0 CRITICAL · v2 7.5 HIGH
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows SSRF.

IBM · API Connect
Updated Nov 21, 2024 · Published Apr 15, 2019 · CVSS v4 N/A · v3 9.8 CRITICAL · v2 9.0 HIGH
IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal can be exploited by app developers to download arbitrary files from the host OS and potentially carry out SSRF attacks. IBM X-Force ID: 159124.

Ctrip · Apollo
Updated Nov 21, 2024 · Published Apr 1, 2019 · CVSS v4 N/A · v3 10.0 CRITICAL · v2 7.5 HIGH
An SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port scan or raise a GET request via /system-info/health because the %23 substring is mishandled.

Atlassian · 2 products: Confluence, Confluence Server
Updated Nov 21, 2024 · Published Mar 25, 2019 · CVSS v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from version 6.7.0 before 6.8.5 (the fixed version for 6.8.x), and from version 6.9.0 before 6.9.3 (the fixed version for 6.9.x) allows remote attackers to send arbitrary HTTP and WebDAV requests from a Confluence Server or Data Center instance via Server-Side Request Forgery.

Moodle · Moodle
Updated Nov 21, 2024 · Published Mar 25, 2019 · CVSS v4 N/A · v3 10.0 CRITICAL · v2 7.5 HIGH
A flaw was found in Moodle versions 3.1 to 3.1.15 and earlier unsupported versions. The mybackpack functionality allowed setting the URL of badges, when it should be restricted to the Mozilla Open Badges backpack URL. This resulted in the possibility of blind SSRF via requests made by the page.

Moodle · Moodle
Updated May 30, 2025 · Published Mar 21, 2019 · CVSS v4 N/A · v3 7.5 HIGH · v2 6.0 MEDIUM
Moodle 3.5.x before 3.5.4 allows SSRF.

Open Xchange · Open Xchange Appsuite
Updated Nov 21, 2024 · Published Mar 21, 2019 · CVSS v4 N/A · v3 5.4 MEDIUM · v2 5.5 MEDIUM
OX App Suite 7.8.4 and earlier allows SSRF.

Apache · Solr
Updated Nov 21, 2024 · Published Mar 8, 2019 · CVSS v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.

WaveMaker · WaveMaker Studio
Updated Nov 21, 2024 · Published Feb 21, 2019 · CVSS v4 N/A · v3 9.6 CRITICAL · v2 6.8 MEDIUM
com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF.

Jenkins · JMS Messaging
Updated Nov 21, 2024 · Published Feb 20, 2019 · CVSS v4 N/A · v3 4.3 MEDIUM · v2 4.0 MEDIUM
A server-side request forgery vulnerability exists in Jenkins JMS Messaging Plugin 1.1.1 and earlier in SSLCertificateAuthenticationMethod.java, UsernameAuthenticationMethod.java that allows attackers with Overall/Read permission to have Jenkins connect to a JMS endpoint.

Jenkins · OctopusDeploy
Updated Nov 21, 2024 · Published Feb 20, 2019 · CVSS v4 N/A · v3 4.3 MEDIUM · v2 4.0 MEDIUM
A server-side request forgery vulnerability exists in Jenkins OctopusDeploy Plugin 1.8.1 and earlier in OctopusDeployPlugin.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL and obtain the HTTP response code if successful, and exception error message otherwise.

Jenkins · Mattermost
Updated Nov 21, 2024 · Published Feb 20, 2019 · CVSS v4 N/A · v3 4.3 MEDIUM · v2 4.0 MEDIUM
A server-side request forgery vulnerability exists in Jenkins Mattermost Notification Plugin 2.6.2 and earlier in MattermostNotifier.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified Mattermost server and room and send a message.

Atlassian · 2 products: Jira, Jira Server
Updated Nov 21, 2024 · Published Feb 13, 2019 · CVSS v4 N/A · v3 4.1 MEDIUM · v2 4.0 MEDIUM
The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and from version 7.13.0 before version 7.13.1 allows remote attackers who have administrator rights to determine the existence of internal hosts and open ports and in some cases obtain service information from internal network resources via a Server Side Request Forgery (SSRF) vulnerability.

Dundas · Dundas BI
Updated Nov 21, 2024 · Published Feb 11, 2019 · CVSS v4 N/A · v3 8.6 HIGH · v2 5.0 MEDIUM
The Dundas BI server before 5.0.1.1010 is vulnerable to a Server-Side Request Forgery attack, allowing an attacker to forge arbitrary requests (with certain restrictions) that will be executed on behalf of the attacker, via the viewUrl parameter of the "export the dashboard as an image" feature. This could be leveraged to provide a proxy to attack other servers (internal or external) or to perform network scans of external or internal networks.

Cisco · 2 products: TelePresence Conductor, TelePresence Video Communication Server
Updated Nov 21, 2024 · Published Feb 7, 2019 · CVSS v4 N/A · v3 5.0 MEDIUM · v2 4.0 MEDIUM
A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected server to an arbitrary host. This type of attack is commonly referred to as server-side request forgery (SSRF). The vulnerability is due to insufficient access controls for the REST API of Cisco Expressway Series and Cisco TelePresence VCS. An attacker could exploit this vulnerability by submitting a crafted HTTP request to the affected server. Versions prior to XC4.3.4 are affected.

Jenkins · Kanboard
Updated Nov 21, 2024 · Published Feb 6, 2019 · CVSS v4 N/A · v3 4.3 MEDIUM · v2 4.0 MEDIUM
A server-side request forgery vulnerability exists in Jenkins Kanboard Plugin 1.5.10 and earlier in KanboardGlobalConfiguration.java that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL.
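The entries above share one missing step: the server fetched a caller-supplied URL without first deciding whether its destination is one the application expects. The guard below is an added example written for this page; it is not code from the CWE entry or from any of the listed projects, and the function names, the hostnames cdn.example, rebind.example and backpack.example, and the DNS answers for them are constructed so that it runs offline. It addresses three patterns the descriptions mention: a fetch with no destination check at all (the Solr "shards" parameter), a feature with exactly one legitimate destination that accepted any URL (the Moodle mybackpack entry, handled with an allowlist), and URL-authority tricks such as userinfo or percent-encoded characters like the %23 in the Apollo entry, which make two parsers disagree about the host. It also unwraps IPv4-mapped IPv6 literals and rejects a name that resolves to a mix of public and internal addresses.

```python
"""SSRF guard: decide whether an attacker-influenced URL may be fetched server-side.
Added example for CWE-918; hostnames and DNS answers below are constructed fixtures."""
import ipaddress
import socket
from typing import Callable, Iterable, Optional, Union
from urllib.parse import urlsplit

IPAddr = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]
ALLOWED_SCHEMES = {"http", "https"}
SHARED_ADDRESS_SPACE = ipaddress.ip_network("100.64.0.0/10")  # CGNAT; not in is_private


class SsrfBlocked(ValueError):
    """The URL must not be fetched on the user's behalf."""


def is_forbidden_ip(ip: IPAddr) -> bool:
    """Addresses a user-driven fetch must never reach: loopback, RFC 1918, link-local
    (which includes the 169.254.169.254 cloud metadata endpoint), CGNAT, multicast,
    reserved and unspecified.  IPv4-mapped IPv6 is unwrapped first so that
    http://[::ffff:10.0.0.1]/ gets the same verdict as http://10.0.0.1/."""
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_multicast
            or ip.is_reserved or ip.is_unspecified
            or (ip.version == 4 and ip in SHARED_ADDRESS_SPACE))


def system_resolver(host: str) -> list[str]:
    """Default resolver: every address the system returns for host."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_outbound_url(url: str,
                          resolver: Callable[[str], Iterable[str]] = system_resolver,
                          allowed_hosts: Optional[set[str]] = None) -> tuple[str, int, str]:
    """Return (hostname, port, pinned_ip) if url may be fetched, else raise SsrfBlocked.
    Connect to pinned_ip (sending hostname as Host header / SNI) instead of resolving
    again, otherwise a DNS answer that changes between check and use defeats the check;
    run every redirect target through this function before following it."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise SsrfBlocked(f"scheme not allowed: {parts.scheme!r}")
    # Userinfo or percent-encoding in the authority are the classic ways to make two
    # URL parsers disagree about the target host ("http://cdn.example%23@10.0.0.9/").
    if parts.username is not None or parts.password is not None:
        raise SsrfBlocked("userinfo in URL")
    if "%" in parts.netloc:
        raise SsrfBlocked("percent-encoding in authority")
    host = parts.hostname
    if not host:
        raise SsrfBlocked("missing host")
    try:
        port = parts.port if parts.port is not None else (443 if scheme == "https" else 80)
    except ValueError as exc:  # non-numeric or out-of-range port
        raise SsrfBlocked("invalid port") from exc
    if allowed_hosts is not None and host not in allowed_hosts:
        raise SsrfBlocked(f"host not in allowlist: {host!r}")
    # A literal IP is judged directly; a name is resolved and EVERY answer must pass,
    # since one public plus one internal answer is a rebinding setup, not a CDN.
    try:
        addrs: list[IPAddr] = [ipaddress.ip_address(host)]
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolver(host)]
    if not addrs:
        raise SsrfBlocked(f"unresolvable host: {host!r}")
    for ip in addrs:
        if is_forbidden_ip(ip):
            raise SsrfBlocked(f"{host!r} resolves to non-public address {ip}")
    return host, port, str(addrs[0])


# Constructed DNS records so the example runs offline (hypothetical hosts, not real ones).
CONSTRUCTED_DNS = {
    "cdn.example": ["93.184.216.34"],
    "rebind.example": ["93.184.216.34", "10.0.0.5"],  # public plus internal answer
    "backpack.example": ["151.101.1.69"],
}


def fixture_resolver(host: str) -> list[str]:
    return CONSTRUCTED_DNS.get(host, [])


def check_all(urls: Iterable[str], allowed_hosts: Optional[set[str]] = None) -> dict[str, str]:
    """Map each URL to 'ok ip:port' or 'blocked: reason', using the fixture resolver."""
    out = {}
    for url in urls:
        try:
            host, port, ip = validate_outbound_url(url, fixture_resolver, allowed_hosts)
            out[url] = f"ok {ip}:{port}"
        except SsrfBlocked as exc:
            out[url] = f"blocked: {exc}"
    return out


if __name__ == "__main__":
    # General fetch (avatar or shards style): any public destination is acceptable.
    for url, verdict in check_all([
        "https://cdn.example/avatar.png", "http://127.0.0.1:8080/admin",
        "http://169.254.169.254/latest/meta-data/", "http://[::ffff:10.0.0.1]/",
        "http://rebind.example/", "http://cdn.example%23@10.0.0.9/", "file:///etc/passwd",
    ]).items():
        print(f"{verdict:60} {url}")
    # Fixed-destination feature (backpack style): only the configured host passes,
    # and its addresses are still checked.
    print(check_all(["https://cdn.example/", "https://backpack.example/x"], {"backpack.example"}))
```

Two caveats the code cannot remove: the check must be repeated on every redirect hop, because a public host can 302 to http://169.254.169.254/, and the pinned address must actually be the one the HTTP client connects to, which in most libraries means a custom connection adapter rather than passing the original URL back to the library.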