CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1496

1496 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-31979	Apache StreamPipes: Possibility of SSRF in pipeline element installation process — Apache StreamPipes	8.1^AI	High^AI	2024-07-17
CVE-2024-40632	Linkerd potential access to the shutdown endpoint — linkerd2	3.7	Low	2024-07-15
CVE-2024-39739	IBM Datacap Navigator server-side request forgery — Datacap Navigator	5.4	Medium	2024-07-15
CVE-2024-32987	Microsoft SharePoint Server Information Disclosure Vulnerability — Microsoft SharePoint Enterprise Server 2016	7.5	High	2024-07-09
CVE-2024-37171	[CVE-2024-37171] Server-Side Request Forgery (SSRF) in SAP Transportation Management (Collaboration Portal) — SAP Transportation Management (Collaboration Portal)	5.0	Medium	2024-07-09
CVE-2024-34689	[CVE-2024-34689] Server-Side Request Forgery in SAP Business Workflow (WebFlow Services) — SAP Business Workflow (WebFlow Services)	5.0	Medium	2024-07-09
CVE-2024-39598	[Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI) — SAP CRM WebClient UI	5.0	Medium	2024-07-09
CVE-2024-39699	Directus has a Blind SSRF On File Import — directus	5.0	Medium	2024-07-08
CVE-2024-31897	IBM Cloud Pak for Business Automation server-side request forgery — Cloud Pak for Business Automation	4.3	Medium	2024-07-08
CVE-2024-6095	SSRF and Partial LFI in /models/apply Endpoint in mudler/localai — mudler/localai	5.3^AI	Medium^AI	2024-07-06
CVE-2024-37208	WordPress WP Scraper plugin <= 5.7 - Server Side Request Forgery (SSRF) vulnerability — WP Scraper	4.9	Medium	2024-07-06
CVE-2024-37260	WordPress Foxiz Theme theme <= 2.3.5 - Server Side Request Forgery (SSRF) vulnerability — Foxiz	7.2	High	2024-07-06
CVE-2024-34361	Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE) — pi-hole	8.6	High	2024-07-05
CVE-2024-39687	Fedify vulnerable to allowing access to internal network resources — fedify	7.2	High	2024-07-05
CVE-2024-6524	ShopXO Uploader.php server-side request forgery — ShopXO	5.5	Medium	2024-07-05
CVE-2024-37157	Discourse vulnerable to Server-Side Request Forgery via FastImage — discourse	6.4	Medium	2024-07-03
CVE-2024-38472	Apache HTTP Server on WIndows UNC SSRF — Apache HTTP Server	7.5^AI	High^AI	2024-07-01
CVE-2024-6424	Server-Side Request Forgery vulnerability in MESbook — MESbook	9.3	Critical	2024-07-01
CVE-2023-50952	IBM InfoSphere Information Server server-side request forgery — InfoSphere Information Server	5.4	Medium	2024-06-30
CVE-2024-38514	NextChat Server-Side Request Forgery (SSRF) — ChatGPT-Next-Web	7.4	High	2024-06-28
CVE-2024-5736	SSRF in AdmirorFrames Joomla! Extension — AdmirorFrames	7.5^AI	High^AI	2024-06-28
CVE-2024-5885	Server-Side Request Forgery (SSRF) in stangirard/quivr — stangirard/quivr	7.5^AI	High^AI	2024-06-27
CVE-2024-5822	Server-Side Request Forgery (SSRF) in gaizhenbiao/ChuanhuChatGPT — gaizhenbiao/chuanhuchatgpt	7.5^AI	High^AI	2024-06-27
CVE-2024-37098	WordPress BlossomThemes Email Newsletter plugin <= 2.2.6 - Server Side Request Forgery (SSRF) vulnerability — BlossomThemes Email Newsletter	4.4	Medium	2024-06-26
CVE-2024-29173	Dell PowerProtect Data Domain 代码问题漏洞 — PowerProtect DD	6.8	Medium	2024-06-26
CVE-2024-5015	WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability — WhatsUp Gold	7.1	High	2024-06-25
CVE-2024-5014	WhatsUp Gold GetASPReport Server-Side Request Forgery Information Disclosure — WhatsUp Gold	7.1	High	2024-06-25
CVE-2023-45195	Adminer and AdminerEvo SSRF — Adminer	5.3^AI	Medium^AI	2024-06-24
CVE-2024-5746	GitHub Enterprise Server 安全漏洞 — GitHub Enterprise Server	7.6	High	2024-06-20
CVE-2024-5021	WordPress Picture / Portfolio / Media Gallery <= 3.0.1 - Unauthenticated Server-Side Request Forgery — WordPress Picture / Portfolio / Media Gallery	9.3	Critical	2024-06-19

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1496 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1496