
CWE-918 (Server-Side Request Forgery (SSRF)) — Vulnerability Class 1485

1485 vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-3172 | Kubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF) — kube-apiserver | 5.1 | Medium | 2023-11-03 |
| CVE-2023-39301 | QTS, QuTS hero, QuTScloud — QTS | 4.3 | Medium | 2023-11-03 |
| CVE-2023-4769 | Server-Side Request Forgery in ManageEngine Desktop Central — Desktop Central | 6.6 | Medium | 2023-11-03 |
| CVE-2023-35896 | IBM Content Navigator server-side request forgery — Content Navigator | 5.4 | Medium | 2023-11-03 |
| CVE-2023-46725 | FoodCoopShop Server-Side Request Forgery vulnerability — foodcoopshop | 8.1 | High | 2023-11-02 |
| CVE-2023-46236 | FOG SSRF via unauthenticated endpoint(s) — fogproject | 8.6 | High | 2023-10-31 |
| CVE-2023-43798 | BigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass) — bigbluebutton | 5.6 | Medium | 2023-10-30 |
| CVE-2023-46124 | Server-Side Request Forgery Vulnerability in Custom Integration Upload — fides | 8.2 | High | 2023-10-24 |
| CVE-2023-43795 | WPS Server Side Request Forgery in GeoServer — geoserver | 8.6 | High | 2023-10-24 |
| CVE-2023-41339 | Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServer — geoserver | 8.6 | High | 2023-10-24 |
| CVE-2023-41899 | Partial Server-Side Request Forgery in Home Assistant Core — core | 6.6 | Medium | 2023-10-19 |
| CVE-2023-45822 | Unsafe rego built-in allowed in Artifact Hub — hub | 3.7 | Low | 2023-10-19 |
| CVE-2023-25753 | Server-Side Request Forgery in Apache ShenYu — Apache ShenYu | 9.1 | - | 2023-10-19 |
| CVE-2023-45152 | Blind Server Side Request Forgery (SSRF) in remote schedule import feature in Engelsystem — engelsystem | 2.0 | Low | 2023-10-16 |
| CVE-2023-45660 | Require strict cookies for image proxy requests in Nextcloud Mail — security-advisories | 4.3 | Medium | 2023-10-16 |
| CVE-2023-5572 | Server-Side Request Forgery (SSRF) in vriteio/vrite — vriteio/vrite | 7.5 | - | 2023-10-13 |
| CVE-2023-26366 | Validate Your Inputs \| Server-Side Request Forgery (SSRF) (CWE-918) — Adobe Commerce | 6.8 | Medium | 2023-10-13 |
| CVE-2023-41763 | Skype for Business Elevation of Privilege Vulnerability — Skype for Business Server 2015 CU13 | 5.3 | Medium | 2023-10-10 |
| CVE-2023-42477 | Server-Side Request Forgery in SAP NetWeaver AS Java (GRMG Heartbeat application) — SAP NetWeaver AS Java | 6.5 | Medium | 2023-10-10 |
| CVE-2023-3744 | Server-Side Request Forgery in SLiMS — SLiMS | 9.9 | Critical | 2023-10-02 |
| CVE-2023-43654 | TorchServe Server-Side Request Forgery — serve | 10.0 | Critical | 2023-09-28 |
| CVE-2023-42812 | Galaxy vulnerable to Server Side Request Forgery during data imports — galaxy | 6.3 | Medium | 2023-09-22 |
| CVE-2023-42450 | Mastodon Server-Side Request Forgery vulnerability — mastodon | 5.4 | Medium | 2023-09-19 |
| CVE-2023-3025 | Dropbox Folder Share <= 1.9.7 - Unauthenticated Server-Side Request Forgery via 'link' — Dropbox Folder Share | 7.2 | High | 2023-09-16 |
| CVE-2023-42439 | GeoNode SSRF Bypass to return internal host data — geonode | 7.5 | High | 2023-09-15 |
| CVE-2023-4893 | Crayon Syntax Highlighter <= 2.8.4 - Authenticated (Contributor+) Server Side Request Forgery — Crayon Syntax Highlighter | 6.4 | Medium | 2023-09-12 |
| CVE-2023-4878 | Server-Side Request Forgery (SSRF) in instantsoft/icms2 — instantsoft/icms2 | 7.5 | - | 2023-09-10 |
| CVE-2023-39967 | Full read and controlled SSRF through URL parameter when testing a request inside wiremock-studio — wiremock | 10.0 | Critical | 2023-09-06 |
| CVE-2023-41327 | Controlled SSRF through URL in the WireMock — wiremock | 4.6 | Medium | 2023-09-06 |
| CVE-2023-36388 | Apache Superset: Improper API permission for low privilege users allows for SSRF — Apache Superset | 4.3 | Medium | 2023-09-06 |

Vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)) represent 1485 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.