CWE-918 (Server-Side Request Forgery (SSRF)) — Vulnerability Class 1489

1489 vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-31219 | WordPress Download Monitor Plugin <= 4.8.1 is vulnerable to Server Side Request Forgery (SSRF) — Download Monitor | 4.1 | Medium | 2023-11-13 |
| CVE-2023-47121 | Discourse SSRF vulnerability in Embedding — discourse | 3.4 | Low | 2023-11-10 |
| CVE-2023-46729 | Sentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpoint — sentry-javascript | 9.3 | Critical | 2023-11-10 |
| CVE-2023-46730 | Server-Side Request Forgery in groupoffice — groupoffice | 7.4 | High | 2023-11-07 |
| CVE-2022-3172 | Kubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF) — kube-apiserver | 5.1 | Medium | 2023-11-03 |
| CVE-2023-39301 | QTS, QuTS hero, QuTScloud — QTS | 4.3 | Medium | 2023-11-03 |
| CVE-2023-4769 | Server-Side Request Forgery in ManageEngine Desktop Central — Desktop Central | 6.6 | Medium | 2023-11-03 |
| CVE-2023-35896 | IBM Content Navigator server-side request forgery — Content Navigator | 5.4 | Medium | 2023-11-03 |
| CVE-2023-46725 | FoodCoopShop Server-Side Request Forgery vulnerability — foodcoopshop | 8.1 | High | 2023-11-02 |
| CVE-2023-46236 | FOG SSRF via unauthenticated endpoint(s) — fogproject | 8.6 | High | 2023-10-31 |
| CVE-2023-43798 | BigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass) — bigbluebutton | 5.6 | Medium | 2023-10-30 |
| CVE-2023-46124 | Server-Side Request Forgery Vulnerability in Custom Integration Upload — fides | 8.2 | High | 2023-10-24 |
| CVE-2023-43795 | WPS Server Side Request Forgery in GeoServer — geoserver | 8.6 | High | 2023-10-24 |
| CVE-2023-41339 | Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServer — geoserver | 8.6 | High | 2023-10-24 |
| CVE-2023-41899 | Partial Server-Side Request Forgery in Home Assistant Core — core | 6.6 | Medium | 2023-10-19 |
| CVE-2023-45822 | Unsafe rego built-in allowed in Artifact Hub — hub | 3.7 | Low | 2023-10-19 |
| CVE-2023-25753 | Server-Side Request Forgery in Apache ShenYu — Apache ShenYu | 9.1 | - | 2023-10-19 |
| CVE-2023-45152 | Blind Server Side Request Forgery (SSRF) in remote schedule import feature in Engelsystem — engelsystem | 2.0 | Low | 2023-10-16 |
| CVE-2023-45660 | Require strict cookies for image proxy requests in Nextcloud Mail — security-advisories | 4.3 | Medium | 2023-10-16 |
| CVE-2023-5572 | Server-Side Request Forgery (SSRF) in vriteio/vrite — vriteio/vrite | 7.5 | - | 2023-10-13 |
| CVE-2023-26366 | Validate Your Inputs \| Server-Side Request Forgery (SSRF) (CWE-918) — Adobe Commerce | 6.8 | Medium | 2023-10-13 |
| CVE-2023-41763 | Skype for Business Elevation of Privilege Vulnerability — Skype for Business Server 2015 CU13 | 5.3 | Medium | 2023-10-10 |
| CVE-2023-42477 | Server-Side Request Forgery in SAP NetWeaver AS Java (GRMG Heartbeat application) — SAP NetWeaver AS Java | 6.5 | Medium | 2023-10-10 |
| CVE-2023-3744 | Server-Side Request Forgery in SLiMS — SLiMS | 9.9 | Critical | 2023-10-02 |
| CVE-2023-43654 | TorchServe Server-Side Request Forgery — serve | 10.0 | Critical | 2023-09-28 |
| CVE-2023-42812 | Galaxy vulnerable to Server Side Request Forgery during data imports — galaxy | 6.3 | Medium | 2023-09-22 |
| CVE-2023-42450 | Mastodon Server-Side Request Forgery vulnerability — mastodon | 5.4 | Medium | 2023-09-19 |
| CVE-2023-3025 | Dropbox Folder Share <= 1.9.7 - Unauthenticated Server-Side Request Forgery via 'link' — Dropbox Folder Share | 7.2 | High | 2023-09-16 |
| CVE-2023-42439 | GeoNode SSRF Bypass to return internal host data — geonode | 7.5 | High | 2023-09-15 |
| CVE-2023-4893 | Crayon Syntax Highlighter <= 2.8.4 - Authenticated (Contributor+) Server Side Request Forgery — Crayon Syntax Highlighter | 6.4 | Medium | 2023-09-12 |

Vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)) represent 1489 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.