This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[description] | |
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request. | |
> | |
------------------------------------------ | |
> | |
[Vulnerability Type] | |
Server-Side Request Forgery (SSRF) | |
> | |
------------------------------------------ | |
> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[description] | |
An arbitrary file upload vulnerability in Halo up to v1.6.1 allows | |
attackers to execute arbitrary code via a crafted .md file. | |
> | |
------------------------------------------ | |
> | |
[VulnerabilityType Other] | |
File Upload | |
> | |
------------------------------------------ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[description] | |
request-baskets up to v1.2.1 was discovered to contain a Server-Side | |
Request Forgery (SSRF) via the component /api/baskets/{name}. This | |
vulnerability allows attackers to access network resources and | |
sensitive information via a crafted API request. | |
> | |
------------------------------------------ | |
> | |
[VulnerabilityType Other] | |
Server-Side Request Forgery (SSRF) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[description] | |
openapi-generator up to v6.4.0 was discovered to contain a Server-Side | |
Request Forgery (SSRF) via the component /api/gen/clients/{language}. | |
This vulnerability allows attackers to access network resources and | |
sensitive information via a crafted API request. | |
> | |
------------------------------------------ | |
> | |
[VulnerabilityType Other] | |
Server-Side Request Forgery (SSRF) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[description] | |
Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request | |
Forgery (SSRF) via the component /Repositories. This vulnerability | |
allows attackers to access network resources and sensitive information | |
via a crafted POST request. | |
> | |
------------------------------------------ | |
> | |
[VulnerabilityType Other] | |
Server-Side Request Forgery (SSRF) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[description] | |
forem up to v2022.11.11 was discovered to contain a Cross Site Request Forgery (CSRF) | |
via the component /articles, /articles/{id}. | |
> | |
------------------------------------------ | |
> | |
[Vulnerability Type] | |
Cross Site Request Forgery (CSRF) | |
> | |
------------------------------------------ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[description] | |
Appwrite up to v1.2.1 was discovered to contain a Server-Side Request | |
Forgery (SSRF) via the component /v1/avatars/favicon. This | |
vulnerability allows attackers to access network resources and | |
sensitive information via a crafted GET request. | |
> | |
------------------------------------------ | |
> | |
[VulnerabilityType Other] | |
Server-Side Request Forgery (SSRF) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[description] | |
Appwrite up to v1.2.1 was discovered to contain a Server-Side Request | |
Forgery (SSRF) via the component /v1/avatars/favicon. This | |
vulnerability allows attackers to access network resources and | |
sensitive information via a crafted GET request. | |
> | |
------------------------------------------ | |
> | |
[VulnerabilityType Other] | |
Server-Side Request Forgery (SSRF) |