Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DbGate REST/GraphQL openApiDriver.ts apiServerUrl1 server-side request forgery
Vulnerability Description
A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the component REST/GraphQL. This manipulation causes server-side request forgery. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
DbGate 代码问题漏洞
Vulnerability Description
DbGate是DbGate开源的一个数据库管理器。 DbGate 7.1.4及之前版本存在代码问题漏洞,该漏洞源于REST/GraphQL组件中文件packages/rest/src/openApiDriver.ts的函数apiServerUrl1存在服务端请求伪造。
CVSS Information
N/A
Vulnerability Type
N/A