Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1478

1478 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-24789 Deserialization of untrusted data in C1 CMS. — C1-CMS-Foundation 7.6 High2022-03-28
CVE-2022-0591 Formcraft3 < 3.8.28 - Unauthenticated SSRF — FormCraft 9.1 -2022-03-21
CVE-2022-0870 Server-Side Request Forgery (SSRF) in gogs/gogs — gogs/gogs 8.2 -2022-03-11
CVE-2022-0766 Server-Side Request Forgery (SSRF) in janeczku/calibre-web — janeczku/calibre-web 9.4 -2022-03-07
CVE-2022-0767 Server-Side Request Forgery (SSRF) in janeczku/calibre-web — janeczku/calibre-web 9.4 -2022-03-07
CVE-2022-0528 Server-Side Request Forgery (SSRF) in transloadit/uppy — transloadit/uppy 6.5 Medium2022-03-03
CVE-2022-0768 Server-Side Request Forgery (SSRF) in rudloff/alltube — rudloff/alltube 7.5 -2022-02-28
CVE-2022-0671 Red Hat Vscode-Xml 代码问题漏洞 — vscode-xml 9.1 -2022-02-18
CVE-2022-21215 Airspan Networks Mimosa Server-Side Request Forgery (SSRF) — MMP 10.0 Critical2022-02-18
CVE-2022-23644 Server-side request forgery in BookWyrm — bookwyrm 8.8 High2022-02-16
CVE-2021-25939 ArangoDB - Blind SSRF when Downloading Foxx Service from URL — arangodb 2.7 Low2022-02-09
CVE-2022-0508 Server-Side Request Forgery (SSRF) in chocobozzz/peertube — chocobozzz/peertube 5.3 -2022-02-08
CVE-2022-23206 Server-Side Request Forgery in Traffic Ops endpoint POST /user/login/oauth — Apache Traffic Control 7.5 -2022-02-06
CVE-2022-0339 Server-Side Request Forgery (SSRF) in janeczku/calibre-web — janeczku/calibre-web 9.1 -2022-01-30
CVE-2022-22993 Limited Server-Side Request Forgery vulnerability on Western Digital My Cloud devices. — My Cloud 7.8 High2022-01-28
CVE-2022-21697 SSRF vulnerability (requires authentication) — jupyter-server-proxy 6.3 Medium2022-01-25
CVE-2021-36349 Dell Emc Data Protection Central 代码问题漏洞 — Data Protection Central 4.3 Medium2022-01-24
CVE-2021-41809 SSRF vulnerability in M-Files Server products with versions before 22.1.11017.1, allows requests from server. — M-Files Server 3.5 Low2022-01-18
CVE-2022-0132 Server-Side Request Forgery (SSRF) in chocobozzz/peertube — chocobozzz/peertube 7.5 -2022-01-07
CVE-2021-27738 Improper Access Control to Streaming Coordinator & SSRF — Apache Kylin 7.5 -2022-01-06
CVE-2022-0086 Server-Side Request Forgery (SSRF) in transloadit/uppy — transloadit/uppy 9.8 -2022-01-04
CVE-2021-3959 Server-Side Request Forgery in Bitdefender GravityZone Update Server in Relay Mode (VA-10145) — GravityZone 6.8 Medium2021-12-16
CVE-2021-37940 GitHub Enterprise Server 代码问题漏洞 — Enterprisesearch 4.9 -2021-12-07
CVE-2021-4075 Server-Side Request Forgery (SSRF) in snipe/snipe-it — snipe/snipe-it 8.1 -2021-12-06
CVE-2021-36327 Dell EMC Streaming Data Platform 代码问题漏洞 — Dell EMC Streaming Data Platform 5.3 Medium2021-11-30
CVE-2021-3553 Server-Side Request Forgery in EPPUpdateService remote config file (VA-9825) — Endpoint Security Tools 5.3 Medium2021-11-24
CVE-2021-3552 Insufficient validation on regular expression in EPPUpdateService config file (VA-9825) — Endpoint Security Tools 5.3 Medium2021-11-24
CVE-2021-43780 Server-Side Request Forgery (SSRF) in Redash — redash 6.8 Medium2021-11-23
CVE-2021-22970 PortlandLabs Concrete Cms 代码问题漏洞 — https://github.com/concrete5/concrete5 9.1 -2021-11-19
CVE-2021-22969 PortlandLabs Concrete Cms 代码问题漏洞 — https://github.com/concrete5/concrete5 4.3 -2021-11-19

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1478 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.