• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-918

CVE-2020-13295

February 26, 2023 by

For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.

CVE-2020-13309

February 26, 2023 by

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature.

CVE-2020-13286

February 26, 2023 by

For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery.

CVE-2020-13226

February 26, 2023 by

WSO2 API Manager 3.0.0 does not properly restrict outbound network access from a Publisher node, opening up the possibility of SSRF to this node’s entire intranet.

CVE-2020-12725

February 26, 2023 by

Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the “JSON” data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding headers, selecting any HTTP verb, etc.

CVE-2020-12644

February 26, 2023 by

OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 35
  • Go to page 36
  • Go to page 37
  • Go to page 38
  • Go to page 39
  • Interim pages omitted …
  • Go to page 114
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE