CWE-918
AllowedServer-Side Request Forgery (SSRF)
Abstraction: Base · Status: Incomplete
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
4600 vulnerabilities reference this CWE, most recent first.
GHSA-X245-WV5C-HR8Q
Vulnerability from github – Published: 2024-04-17 15:30 – Updated: 2026-04-08 18:32The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 4.4.7 via the fetch_feed functionality. This makes it possible for authenticated attackers, with contributor access and above, to make web requests to arbitrary locations originating from the web application and can be used to modify information from internal services. NOTE: This vulnerability, exploitable by contributor-level users, was was fixed in version 4.4.7. The same vulnerability was fixed for author-level users in version 4.4.8.
{
"affected": [],
"aliases": [
"CVE-2023-6805"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-17T13:15:08Z",
"severity": "MODERATE"
},
"details": "The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News \u0026 YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 4.4.7 via the fetch_feed functionality. This makes it possible for authenticated attackers, with contributor access and above, to make web requests to arbitrary locations originating from the web application and can be used to modify information from internal services. NOTE: This vulnerability, exploitable by contributor-level users, was was fixed in version 4.4.7. The same vulnerability was fixed for author-level users in version 4.4.8.",
"id": "GHSA-x245-wv5c-hr8q",
"modified": "2026-04-08T18:32:59Z",
"published": "2024-04-17T15:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6805"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3070624/feedzy-rss-feeds"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/46978e1d-7adb-49f6-8e41-093f177c9a4d?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X27P-WFQW-HFCC
Vulnerability from github – Published: 2026-01-05 18:02 – Updated: 2026-01-06 15:52The Craft CMS GraphQL save_<VolumeName>_Asset mutation is vulnerable to Server-Side Request Forgery (SSRF). This vulnerability arises because the _file input, specifically its url parameter, allows the server to fetch content from arbitrary remote locations without proper validation. Attackers can exploit this by providing internal IP addresses or cloud metadata endpoints as the url, forcing the server to make requests to these restricted services. The fetched content is then saved as an asset, which can subsequently be accessed and exfiltrated, leading to potential data exposure and infrastructure compromise. This exploitation requires specific GraphQL permissions for asset management within the targeted volume.
Users should update to the patched 5.8.21 and 4.16.17 releases to mitigate the issue.
References:
https://github.com/craftcms/cms/commit/013db636fdb38f3ce5657fd196b6d952f98ebc52
https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04
Required Permissions
The exploitation requires a few permissions to be enabled in the used GraphQL schema:
- "Edit assets in the <VolumeName> volume"
- "Create assets in the <VolumeName> volume"
Steps to Reproduce
-
Log in to the Craft CMS control panel as an admin.
-
Create a new volume if you haven’t yet.
-
Create a new schema (or use the full/public schema) and enable the permissions mentioned above in the Required Permissions section.
-
Go to GraphiQL:
http://craft.local/admin/graphiql& set the created schema. -
Run the following GraphQL mutation to upload an Asset (Replace the
<VolumeName>with your volume name):
mutation {
save_<VolumeName>_Asset(_file: {
url: "http://127.0.0.1:80/index.php"
filename: "poc.txt"
}) {
id
}
}
-
Note that the
index.phpresponse will be saved aspoc.txt& its content will be accessible via the asset preview/download functionality. -
For the PoC,
http://127.0.0.1:80/index.phpwas used as an example. However, theurlparameter can be leveraged to target internal services, cloud metadata endpoints, or any arbitrary external URL.
Impact
Successful exploitation of this SSRF vulnerability allows attackers to access internal network resources, bypass firewall rules, and conduct network reconnaissance.
In cloud environments (AWS, GCP, Azure), this can lead to the theft of sensitive credentials (e.g., IAM roles, service account tokens) from metadata endpoints, potentially resulting in the full compromise of the underlying infrastructure and the exfiltration of sensitive data.
Users should update to the patched versions (5.8.21 and 4.16.17) to mitigate the issue.
Users running Craft 3.5.0+ should update to the latest Craft 4.16.17 or 5.8.21 releases.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 5.8.20"
},
"package": {
"ecosystem": "Packagist",
"name": "craftcms/cms"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0-RC1"
},
{
"fixed": "5.8.21"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.16.16"
},
"package": {
"ecosystem": "Packagist",
"name": "craftcms/cms"
},
"ranges": [
{
"events": [
{
"introduced": "3.5.0"
},
{
"fixed": "4.16.17"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-68437"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-05T18:02:37Z",
"nvd_published_at": "2026-01-05T22:15:52Z",
"severity": "MODERATE"
},
"details": "The Craft CMS GraphQL `save_\u003cVolumeName\u003e_Asset` mutation is vulnerable to Server-Side Request Forgery (SSRF). This vulnerability arises because the `_file` input, specifically its `url` parameter, allows the server to fetch content from arbitrary remote locations without proper validation. Attackers can exploit this by providing internal IP addresses or cloud metadata endpoints as the `url`, forcing the server to make requests to these restricted services. The fetched content is then saved as an asset, which can subsequently be accessed and exfiltrated, leading to potential data exposure and infrastructure compromise. This exploitation requires specific GraphQL permissions for asset management within the targeted volume.\n\nUsers should update to the patched 5.8.21 and 4.16.17 releases to mitigate the issue.\n\nReferences:\n\nhttps://github.com/craftcms/cms/commit/013db636fdb38f3ce5657fd196b6d952f98ebc52\n\nhttps://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04\n\n---\n\n### Required Permissions\n\nThe exploitation requires a few permissions to be enabled in the used GraphQL schema:\n- \"Edit assets in the `\u003cVolumeName\u003e` volume\"\n- \"Create assets in the `\u003cVolumeName\u003e` volume\"\n\n### Steps to Reproduce\n\n1. Log in to the Craft CMS control panel as an admin.\n\n2. Create a new volume if you haven\u2019t yet.\n\n3. Create a new schema (or use the full/public schema) and enable the permissions mentioned above in the **Required Permissions** section.\n\n4. Go to **GraphiQL**: `http://craft.local/admin/graphiql` \u0026 set the created schema.\n\n5. Run the following GraphQL mutation to upload an Asset *(Replace the `\u003cVolumeName\u003e` with your volume name)*:\n\n```graphql\nmutation {\n save_\u003cVolumeName\u003e_Asset(_file: { \n url: \"http://127.0.0.1:80/index.php\"\n filename: \"poc.txt\"\n }) {\n id\n }\n}\n```\n\n6. Note that the `index.php` response will be saved as `poc.txt` \u0026 its content will be accessible via the asset preview/download functionality.\n\n8. For the PoC, `http://127.0.0.1:80/index.php` was used as an example. However, the `url` parameter can be leveraged to target internal services, cloud metadata endpoints, or any arbitrary external URL.\n\n## Impact\n\nSuccessful exploitation of this SSRF vulnerability allows attackers to access internal network resources, bypass firewall rules, and conduct network reconnaissance.\n\nIn cloud environments (AWS, GCP, Azure), this can lead to the theft of sensitive credentials (e.g., IAM roles, service account tokens) from metadata endpoints, potentially resulting in the full compromise of the underlying infrastructure and the exfiltration of sensitive data.\n\n---\n\nUsers should update to the patched versions (5.8.21 and 4.16.17) to mitigate the issue.\n\nUsers running Craft 3.5.0+ should update to the latest Craft 4.16.17 or 5.8.21 releases.",
"id": "GHSA-x27p-wfqw-hfcc",
"modified": "2026-01-06T15:52:11Z",
"published": "2026-01-05T18:02:37Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-x27p-wfqw-hfcc"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68437"
},
{
"type": "WEB",
"url": "https://github.com/craftcms/cms/commit/013db636fdb38f3ce5657fd196b6d952f98ebc52"
},
{
"type": "PACKAGE",
"url": "https://github.com/craftcms/cms"
},
{
"type": "WEB",
"url": "https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "Craft CMS vulnerable to Server-Side Request Forgery (SSRF) via GraphQL Asset Upload Mutation"
}
GHSA-X27V-X225-GQ8G
Vulnerability from github – Published: 2017-12-06 16:43 – Updated: 2023-08-29 15:38The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the Resource#find method that could result in compromise of API keys or other critical resources.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.3.0"
},
{
"fixed": "2.3.10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.2.0"
},
{
"fixed": "2.2.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.1.0"
},
{
"fixed": "2.1.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0"
},
{
"fixed": "2.0.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.9.0"
},
{
"fixed": "2.9.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.8.0"
},
{
"fixed": "2.8.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.11.0"
},
{
"fixed": "2.11.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "recurly"
},
"ranges": [
{
"events": [
{
"introduced": "2.10.0"
},
{
"fixed": "2.10.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2017-0905"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T22:01:40Z",
"nvd_published_at": null,
"severity": "CRITICAL"
},
"details": "The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the `Resource#find` method that could result in compromise of API keys or other critical resources.",
"id": "GHSA-x27v-x225-gq8g",
"modified": "2023-08-29T15:38:45Z",
"published": "2017-12-06T16:43:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0905"
},
{
"type": "WEB",
"url": "https://github.com/recurly/recurly-client-ruby/commit/1bb0284d6e668b8b3d31167790ed6db1f6ccc4be"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/288635"
},
{
"type": "PACKAGE",
"url": "https://github.com/recurly/recurly-client-ruby"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/recurly/CVE-2017-0905.yml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Recurly gem Server-Side Request Forgery in Resource#find method"
}
GHSA-X284-MQWH-M8WM
Vulnerability from github – Published: 2025-09-30 18:30 – Updated: 2025-10-01 21:31Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi. A different vulnerability than CVE-2025-29720.
{
"affected": [],
"aliases": [
"CVE-2025-56520"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-30T17:15:41Z",
"severity": "MODERATE"
},
"details": "Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi. A different vulnerability than CVE-2025-29720.",
"id": "GHSA-x284-mqwh-m8wm",
"modified": "2025-10-01T21:31:20Z",
"published": "2025-09-30T18:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-56520"
},
{
"type": "WEB",
"url": "https://github.com/langgenius/dify/issues/22532"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X288-3778-4HHX
Vulnerability from github – Published: 2026-02-25 22:42 – Updated: 2026-02-25 22:42A Server-Side Request Forgery (SSRF) vulnerability has been identified in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL reconstruction logic directly trusts and consumes user-controlled HTTP headers specifically the Host and X-Forwarded-* family to determine the application's base origin without any validation of the destination domain.
Specifically, the framework didn't have checks for the following:
- Host Domain: The Host and X-Forwarded-Host headers were not checked to belong to a trusted origin. This allows an attacker to redefine the "base" of the application to an arbitrary external domain.
- Path & Character Sanitization: The X-Forwarded-Host header was not checked for path segments or special characters, allowing manipulation of the base path for all resolved relative URLs.
- Port Validation: The X-Forwarded-Port header was not verified as numeric, leading to malformed URI construction or injection attacks.
This vulnerability manifests in two primary ways:
- Implicit Relative URL Resolution: Angular's
HttpClientresolves relative URLs against this unvalidated and potentially malformed base origin. An attacker can "steer" these requests to an external server or internal service. - Explicit Manual Construction: Developers injecting the
REQUESTobject to manually construct URLs (for fetch or third-party SDKs) directly inherit these unsanitized values. By accessing theHost/X-Forwarded-*headers, the application logic may perform requests to attacker-controlled destinations or malformed endpoints.
Impact
When successfully exploited, this vulnerability allows for arbitrary internal request steering. This can lead to:
- Credential Exfiltration: Stealing sensitive Authorization headers or session cookies by redirecting them to an attacker's server.
- Internal Network Probing: Accessing and transmitting data from internal services, databases, or cloud metadata endpoints (e.g., 169.254.169.254) not exposed to the public internet.
- Confidentiality Breach: Accessing sensitive information processed within the application's server-side context.
Attack Preconditions
- The victim application must use Angular SSR (Server-Side Rendering).
- The application must perform
HttpClientrequests using relative URLs OR manually construct URLs using the unvalidatedHost/X-Forwarded-*headers using theREQUESTobject. - Direct Header Access: The application server is reachable by an attacker who can influence these headers without strict validation from a front-facing proxy.
- Lack of Upstream Validation: The infrastructure (Cloud, CDN, or Load Balancer) does not sanitize or validate incoming headers.
Patches
- 21.2.0-rc.1
- 21.1.5
- 20.3.17
- 19.2.21
Workarounds
- Use Absolute URLs: Avoid using
req.headersfor URL construction. Instead, use trusted variables for your base API paths. - Implement Strict Header Validation (Middleware): If you cannot upgrade immediately, implement a middleware in your
server.tsto enforce numeric ports and validated hostnames.
const ALLOWED_HOSTS = new Set(['your-domain.com']);
app.use((req, res, next) => {
const hostHeader = (req.headers['x-forwarded-host'] ?? req.headers['host'])?.toString();
const portHeader = req.headers['x-forwarded-port']?.toString();
if (hostHeader) {
const hostname = hostHeader.split(':')[0];
// Reject if hostname contains path separators or is not in allowlist
if (/^[a-z0-9.:-]+$/i.test(hostname) ||
(!ALLOWED_HOSTS.has(hostname) && hostname !== 'localhost')) {
return res.status(400).send('Invalid Hostname');
}
}
// Ensure port is strictly numeric if provided
if (portHeader && !/^\d+$/.test(portHeader)) {
return res.status(400).send('Invalid Port');
}
next();
});
References
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c 21.2.0-rc.0"
},
"package": {
"ecosystem": "npm",
"name": "@angular/ssr"
},
"ranges": [
{
"events": [
{
"introduced": "21.2.0-next.0"
},
{
"fixed": "21.2.0-rc.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "@angular/ssr"
},
"ranges": [
{
"events": [
{
"introduced": "21.0.0-next.0"
},
{
"fixed": "21.1.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "@angular/ssr"
},
"ranges": [
{
"events": [
{
"introduced": "20.0.0-next.0"
},
{
"fixed": "20.3.17"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "@angular/ssr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "19.2.21"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "@nguniversal/common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.2.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "@nguniversal/express-engine"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-27739"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-25T22:42:36Z",
"nvd_published_at": "2026-02-25T18:23:40Z",
"severity": "CRITICAL"
},
"details": "A [Server-Side Request Forgery (SSRF)](https://developer.mozilla.org/en-US/docs/Web/Security/Attacks/SSRF) vulnerability has been identified in the Angular SSR request handling pipeline. The vulnerability exists because Angular\u2019s internal URL reconstruction logic directly trusts and consumes user-controlled HTTP headers specifically the Host and `X-Forwarded-*` family to determine the application\u0027s base origin without any validation of the destination domain.\n\nSpecifically, the framework didn\u0027t have checks for the following:\n- **Host Domain**: The `Host` and `X-Forwarded-Host` headers were not checked to belong to a trusted origin. This allows an attacker to redefine the \"base\" of the application to an arbitrary external domain.\n- **Path \u0026 Character Sanitization**: The `X-Forwarded-Host` header was not checked for path segments or special characters, allowing manipulation of the base path for all resolved relative URLs.\n- **Port Validation**: The `X-Forwarded-Port` header was not verified as numeric, leading to malformed URI construction or injection attacks.\n\n\nThis vulnerability manifests in two primary ways:\n\n- **Implicit Relative URL Resolution**: Angular\u0027s `HttpClient` resolves relative URLs against this unvalidated and potentially malformed base origin. An attacker can \"steer\" these requests to an external server or internal service.\n- **Explicit Manual Construction**: Developers injecting the `REQUEST` object to manually construct URLs (for fetch or third-party SDKs) directly inherit these unsanitized values. By accessing the `Host` / `X-Forwarded-*` headers, the application logic may perform requests to attacker-controlled destinations or malformed endpoints.\n\n### Impact\n\nWhen successfully exploited, this vulnerability allows for arbitrary internal request steering. This can lead to:\n- **Credential Exfiltration**: Stealing sensitive `Authorization` headers or session cookies by redirecting them to an attacker\u0027s server.\n- **Internal Network Probing**: Accessing and transmitting data from internal services, databases, or cloud metadata endpoints (e.g., `169.254.169.254`) not exposed to the public internet.\n- Confidentiality Breach: Accessing sensitive information processed within the application\u0027s server-side context.\n\n### Attack Preconditions\n\n- The victim application must use Angular SSR (Server-Side Rendering).\n- The application must perform `HttpClient` requests using relative URLs OR manually construct URLs using the unvalidated `Host` / `X-Forwarded-*` headers using the `REQUEST` object.\n- **Direct Header Access**: The application server is reachable by an attacker who can influence these headers without strict validation from a front-facing proxy.\n- **Lack of Upstream Validation**: The infrastructure (Cloud, CDN, or Load Balancer) does not sanitize or validate incoming headers.\n\n### Patches\n\n- 21.2.0-rc.1\n- 21.1.5\n- 20.3.17\n- 19.2.21\n\n\n### Workarounds\n- **Use Absolute URLs:** Avoid using `req.headers` for URL construction. Instead, use trusted variables for your base API paths.\n- **Implement Strict Header Validation (Middleware)**: If you cannot upgrade immediately, implement a middleware in your `server.ts` to enforce numeric ports and validated hostnames.\n\n```ts\nconst ALLOWED_HOSTS = new Set([\u0027your-domain.com\u0027]);\n\napp.use((req, res, next) =\u003e {\n const hostHeader = (req.headers[\u0027x-forwarded-host\u0027] ?? req.headers[\u0027host\u0027])?.toString();\n const portHeader = req.headers[\u0027x-forwarded-port\u0027]?.toString();\n\n if (hostHeader) {\n const hostname = hostHeader.split(\u0027:\u0027)[0];\n // Reject if hostname contains path separators or is not in allowlist\n if (/^[a-z0-9.:-]+$/i.test(hostname) || \n (!ALLOWED_HOSTS.has(hostname) \u0026\u0026 hostname !== \u0027localhost\u0027)) {\n return res.status(400).send(\u0027Invalid Hostname\u0027);\n }\n }\n\n // Ensure port is strictly numeric if provided\n if (portHeader \u0026\u0026 !/^\\d+$/.test(portHeader)) {\n return res.status(400).send(\u0027Invalid Port\u0027);\n }\n\n next();\n});\n```\n\n### References\n\n- [Fix](https://github.com/angular/angular-cli/pull/32516)\n- [Docs](https://angular.dev/best-practices/security#preventing-server-side-request-forgery-ssrf)",
"id": "GHSA-x288-3778-4hhx",
"modified": "2026-02-25T22:42:36Z",
"published": "2026-02-25T22:42:36Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/angular/angular-cli/security/advisories/GHSA-x288-3778-4hhx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27739"
},
{
"type": "WEB",
"url": "https://github.com/angular/angular-cli/pull/32516"
},
{
"type": "WEB",
"url": "https://angular.dev/best-practices/security#preventing-server-side-request-forgery-ssrf"
},
{
"type": "WEB",
"url": "https://developer.mozilla.org/en-US/docs/Web/Security/Attacks/SSRF"
},
{
"type": "PACKAGE",
"url": "https://github.com/angular/angular-cli"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline"
}
GHSA-X2F5-332J-9XWQ
Vulnerability from github – Published: 2026-03-30 17:08 – Updated: 2026-04-06 16:44Summary
Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's WWW-Authenticate header without validating the scheme, hostname, or IP range. A malicious OCI registry can set the realm to an internal URL (e.g., http://127.0.0.1:3000/), causing Model Runner running on the host to make arbitrary GET requests to internal services and reflect the full response body back to the caller. Additionally, the token exchange mechanism can relay data from internal services back to the attacker-controlled registry via the Authorization: Bearer header.
Patches
Fixed in Docker Model Runner v1.1.25 Docker Desktop users should update to 4.67.0 or later, which includes the fixed Model Runner.
Workarounds
For Docker Desktop users, enabling Enhanced Container Isolation (ECI) blocks container access to Model Runner, preventing exploitation. However, if the Docker Model Runner is exposed to localhost over TCP in specific configurations, the vulnerability is still exploitable.
Impact
An unprivileged container or a malicious OCI registry that the user performed a pull from might issue GET requests to host-local services (localhost, internal network)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/docker/model-runner"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.25"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-33990"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-30T17:08:25Z",
"nvd_published_at": "2026-04-01T17:28:39Z",
"severity": "MODERATE"
},
"details": "## Summary\nDocker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry\u0027s `WWW-Authenticate` header without validating the scheme, hostname, or IP range. A malicious OCI registry can set the realm to an internal URL (e.g., `http://127.0.0.1:3000/`), causing Model Runner running on the host to make arbitrary GET requests to internal services and reflect the full response body back to the caller. Additionally, the token exchange mechanism can relay data from internal services back to the attacker-controlled registry via the `Authorization: Bearer` header.\n\n## Patches\nFixed in Docker Model Runner v1.1.25\nDocker Desktop users should update to 4.67.0 or later, which includes the fixed Model Runner.\n\n## Workarounds\nFor Docker Desktop users, enabling Enhanced Container Isolation (ECI) blocks container access to Model Runner, preventing exploitation. However, if the Docker Model Runner is exposed to localhost over TCP in specific configurations, the vulnerability is still exploitable.\n\n## Impact\nAn unprivileged container or a malicious OCI registry that the user performed a pull from might issue GET requests to host-local services (localhost, internal network)",
"id": "GHSA-x2f5-332j-9xwq",
"modified": "2026-04-06T16:44:36Z",
"published": "2026-03-30T17:08:25Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/docker/model-runner/security/advisories/GHSA-x2f5-332j-9xwq"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33990"
},
{
"type": "PACKAGE",
"url": "https://github.com/docker/model-runner"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Docker Model Runner OCI Registry Client Vulnerable to Server-Side Request Forgery (SSRF)"
}
GHSA-X2MH-8FMC-RQGH
Vulnerability from github – Published: 2023-08-23 18:30 – Updated: 2025-02-13 19:11Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests, leading to a denial of service (DoS) condition on the server. Furthermore, malicious actors can leverage this vulnerability to establish harmful connections with the server.
Users of Apache Airflow are strongly advised to upgrade to version 2.7.0 or newer to mitigate the risk associated with this vulnerability. Additionally, administrators are encouraged to review and adjust user permissions to restrict access to sensitive functionalities, reducing the attack surface.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "apache-airflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.7.0b1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-37379"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-400",
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2023-08-24T12:52:17Z",
"nvd_published_at": "2023-08-23T16:15:09Z",
"severity": "HIGH"
},
"details": "Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests, leading to a denial of service (DoS) condition on the server. Furthermore, malicious actors can leverage this vulnerability to establish harmful connections with the server.\n\nUsers of Apache Airflow are strongly advised to upgrade to version 2.7.0 or newer to mitigate the risk associated with this vulnerability. Additionally, administrators are encouraged to review and adjust user permissions to restrict access to sensitive functionalities, reducing the attack surface.",
"id": "GHSA-x2mh-8fmc-rqgh",
"modified": "2025-02-13T19:11:02Z",
"published": "2023-08-23T18:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37379"
},
{
"type": "WEB",
"url": "https://github.com/apache/airflow/pull/32052"
},
{
"type": "WEB",
"url": "https://github.com/apache/airflow/commit/e4c3ecf8ceaefa17525b495e4bcb5b2f41309603"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/airflow"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2023-152.yaml"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/g5c9vcn27lr14go48thrjpo6f4vw571r"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/08/23/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Apache Airflow denial of service vulnerability"
}
GHSA-X2QR-JHH4-F3VX
Vulnerability from github – Published: 2026-01-23 15:31 – Updated: 2026-01-26 21:30Server-Side Request Forgery (SSRF) vulnerability in Prince Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through <= 2.0.91.
{
"affected": [],
"aliases": [
"CVE-2026-24548"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-23T15:16:10Z",
"severity": "MODERATE"
},
"details": "Server-Side Request Forgery (SSRF) vulnerability in Prince Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through \u003c= 2.0.91.",
"id": "GHSA-x2qr-jhh4-f3vx",
"modified": "2026-01-26T21:30:35Z",
"published": "2026-01-23T15:31:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24548"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/radio-player/vulnerability/wordpress-radio-player-plugin-2-0-91-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X2VJ-49JW-8JMG
Vulnerability from github – Published: 2023-02-02 00:30 – Updated: 2023-02-09 21:30In dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed in URL, while attempting to block any SSRF access to local IP addresses or private subnets. In resolving this URL, the TempFileAPI follows any 302 redirects that the remote URL returns. Because there is no re-validation of the redirect URL, the TempFileAPI can be used to return data from those local/private hosts that should not be accessible remotely.
{
"affected": [],
"aliases": [
"CVE-2022-37033"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-01T22:15:00Z",
"severity": "MODERATE"
},
"details": "In dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed in URL, while attempting to block any SSRF access to local IP addresses or private subnets. In resolving this URL, the TempFileAPI follows any 302 redirects that the remote URL returns. Because there is no re-validation of the redirect URL, the TempFileAPI can be used to return data from those local/private hosts that should not be accessible remotely.",
"id": "GHSA-x2vj-49jw-8jmg",
"modified": "2023-02-09T21:30:28Z",
"published": "2023-02-02T00:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37033"
},
{
"type": "WEB",
"url": "https://www.dotcms.com/security/SI-64"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X2WV-W39C-7C55
Vulnerability from github – Published: 2026-04-20 15:31 – Updated: 2026-04-20 15:31A vulnerability was determined in Qibo CMS 1.0. Affected by this issue is some unknown functionality of the file /index/image/headers. Executing a manipulation of the argument starts can lead to server-side request forgery. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2026-6649"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-20T14:16:23Z",
"severity": "MODERATE"
},
"details": "A vulnerability was determined in Qibo CMS 1.0. Affected by this issue is some unknown functionality of the file /index/image/headers. Executing a manipulation of the argument starts can lead to server-side request forgery. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-x2wv-w39c-7c55",
"modified": "2026-04-20T15:31:52Z",
"published": "2026-04-20T15:31:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6649"
},
{
"type": "WEB",
"url": "https://tcn60zf28jhk.feishu.cn/wiki/VYIcwwH4uiWZMgkX0SecopTgnQd?from=from_copylink"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/793510"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/358283"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/358283/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
No mitigation information available for this CWE.
CAPEC-664: Server Side Request Forgery
An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.