CWE-918
AllowedServer-Side Request Forgery (SSRF)
Abstraction: Base · Status: Incomplete
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
4592 vulnerabilities reference this CWE, most recent first.
GHSA-X5C9-RRJF-32HG
Vulnerability from github – Published: 2024-04-18 12:30 – Updated: 2026-04-28 21:34Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plugins Really Simple SSL.This issue affects Really Simple SSL: from n/a through 7.2.3.
{
"affected": [],
"aliases": [
"CVE-2024-31229"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-18T11:15:37Z",
"severity": "MODERATE"
},
"details": "Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plugins Really Simple SSL.This issue affects Really Simple SSL: from n/a through 7.2.3.",
"id": "GHSA-x5c9-rrjf-32hg",
"modified": "2026-04-28T21:34:51Z",
"published": "2024-04-18T12:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31229"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/really-simple-ssl/wordpress-really-simple-ssl-plugin-7-2-3-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X5R2-HJ5C-8JX6
Vulnerability from github – Published: 2021-02-11 20:42 – Updated: 2025-10-22 19:05Impact
Users of Adminer versions bundling all drivers (e.g. adminer.php) are affected.
Patches
Patched by ccd2374b, included in version 4.7.9.
Workarounds
- Use a single driver version (e.g.
adminer-mysql.php). - Protect access to Adminer also by other means, e.g. by HTTP password, IP address limiting or by OTP plugin.
References
https://github.com/vrana/adminer/files/5957311/Adminer.SSRF.pdf
For more information
If you have any questions or comments about this advisory: * Comment at ccd2374b.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "vrana/adminer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.7.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-21311"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2021-02-11T20:42:04Z",
"nvd_published_at": "2021-02-11T21:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nUsers of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected.\n\n### Patches\nPatched by ccd2374b, included in version [4.7.9](https://github.com/vrana/adminer/releases/tag/v4.7.9).\n\n### Workarounds\n* Use a single driver version (e.g. `adminer-mysql.php`).\n* Protect access to Adminer also by other means, e.g. by HTTP password, IP address limiting or by OTP [plugin](https://www.adminer.org/plugins/).\n\n### References\nhttps://github.com/vrana/adminer/files/5957311/Adminer.SSRF.pdf\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Comment at ccd2374b.",
"id": "GHSA-x5r2-hj5c-8jx6",
"modified": "2025-10-22T19:05:30Z",
"published": "2021-02-11T20:42:59Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/vrana/adminer/security/advisories/GHSA-x5r2-hj5c-8jx6"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21311"
},
{
"type": "WEB",
"url": "https://github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351"
},
{
"type": "PACKAGE",
"url": "https://github.com/vrana/adminer"
},
{
"type": "WEB",
"url": "https://github.com/vrana/adminer/files/5957311/Adminer.SSRF.pdf"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00002.html"
},
{
"type": "WEB",
"url": "https://packagist.org/packages/vrana/adminer"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/adminer/news/2021/02/adminer-479-released"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21311"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:H",
"type": "CVSS_V3"
}
],
"summary": "SSRF in adminer"
}
GHSA-X5VX-VRPF-R45F
Vulnerability from github – Published: 2026-04-01 21:08 – Updated: 2026-04-01 21:08Summary
The EPG (Electronic Program Guide) link feature in AVideo allows authenticated users with upload permissions to store arbitrary URLs that the server fetches on every EPG page visit. The URL is validated only with PHP's FILTER_VALIDATE_URL, which accepts internal network addresses. Although AVideo has a dedicated isSSRFSafeURL() function for preventing SSRF, it is not called in this code path. This results in a stored server-side request forgery vulnerability that can be used to scan internal networks, access cloud metadata services, and interact with internal services.
Details
When a user adds or edits a video, the EPG link is stored via objects/videoAddNew.json.php:119:
$obj->setEpg_link($_POST['epg_link']);
The only validation applied is FILTER_VALIDATE_URL, which accepts URLs targeting internal addresses such as http://127.0.0.1, http://169.254.169.254, or http://10.0.0.1.
Later, when the EPG data is parsed, the stored URL is fetched server-side at objects/EpgParser.php:358:
$this->content = @\file_get_contents($this->url);
The file_get_contents() function follows redirects and supports multiple protocols including http://, https://, ftp://, and depending on PHP configuration, php:// and other stream wrappers.
The codebase contains an isSSRFSafeURL() function that validates URLs against internal network ranges, but this function is not invoked anywhere in the EPG link processing path.
Because the URL is stored in the database, every subsequent visit to the EPG page re-triggers the server-side request. This makes the SSRF persistent and repeatable without further attacker interaction.
Proof of Concept
-
Authenticate as a user with upload permissions.
-
Create or edit a video and set the EPG link to an internal target:
# Target the cloud metadata service
curl -b "PHPSESSID=USER_SESSION" \
-X POST "https://your-avideo-instance.com/objects/videoAddNew.json.php" \
-d "title=Test+Video&epg_link=http://169.254.169.254/latest/meta-data/iam/security-credentials/"
- Trigger the EPG parser by visiting the video's EPG page, or wait for the next page load that processes EPG data:
curl -b "PHPSESSID=USER_SESSION" \
"https://your-avideo-instance.com/plugin/Live/view/Live_schedule/?videos_id=VIDEO_ID"
- To scan internal ports, set the EPG link to various internal addresses:
# Scan an internal service
curl -b "PHPSESSID=USER_SESSION" \
-X POST "https://your-avideo-instance.com/objects/videoAddNew.json.php" \
-d "title=Test+Video&epg_link=http://127.0.0.1:6379/"
- The server fetches the URL via
file_get_contents(). Response differences (timing, error messages, or returned content via EPG display) reveal whether internal services are running.
Impact
An authenticated user with upload permissions can force the AVideo server to make HTTP requests to arbitrary internal and external targets. This enables scanning of internal networks, access to cloud instance metadata (potentially exposing IAM credentials on AWS/GCP/Azure), and interaction with internal services that are not intended to be externally accessible. The stored nature of this SSRF means it re-executes on every page visit, amplifying the impact.
- CWE-918: Server-Side Request Forgery (SSRF)
- Severity: Medium
Recommended Fix
Add an isSSRFSafeURL() check before the file_get_contents() call at objects/EpgParser.php:355:
if (function_exists('isSSRFSafeURL') && !isSSRFSafeURL($this->url)) {
throw new \RuntimeException('URL blocked by SSRF protection');
}
This reuses the existing SSRF protection function that is already applied in other code paths.
Found by aisafe.io
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "wwbn/avideo"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "26.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34740"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T21:08:40Z",
"nvd_published_at": "2026-03-31T21:16:32Z",
"severity": "MODERATE"
},
"details": "## Summary\n\nThe EPG (Electronic Program Guide) link feature in AVideo allows authenticated users with upload permissions to store arbitrary URLs that the server fetches on every EPG page visit. The URL is validated only with PHP\u0027s `FILTER_VALIDATE_URL`, which accepts internal network addresses. Although AVideo has a dedicated `isSSRFSafeURL()` function for preventing SSRF, it is not called in this code path. This results in a stored server-side request forgery vulnerability that can be used to scan internal networks, access cloud metadata services, and interact with internal services.\n\n## Details\n\nWhen a user adds or edits a video, the EPG link is stored via `objects/videoAddNew.json.php:119`:\n\n```php\n$obj-\u003esetEpg_link($_POST[\u0027epg_link\u0027]);\n```\n\nThe only validation applied is `FILTER_VALIDATE_URL`, which accepts URLs targeting internal addresses such as `http://127.0.0.1`, `http://169.254.169.254`, or `http://10.0.0.1`.\n\nLater, when the EPG data is parsed, the stored URL is fetched server-side at `objects/EpgParser.php:358`:\n\n```php\n$this-\u003econtent = @\\file_get_contents($this-\u003eurl);\n```\n\nThe `file_get_contents()` function follows redirects and supports multiple protocols including `http://`, `https://`, `ftp://`, and depending on PHP configuration, `php://` and other stream wrappers.\n\nThe codebase contains an `isSSRFSafeURL()` function that validates URLs against internal network ranges, but this function is not invoked anywhere in the EPG link processing path.\n\nBecause the URL is stored in the database, every subsequent visit to the EPG page re-triggers the server-side request. This makes the SSRF persistent and repeatable without further attacker interaction.\n\n## Proof of Concept\n\n1. Authenticate as a user with upload permissions.\n\n2. Create or edit a video and set the EPG link to an internal target:\n\n```bash\n# Target the cloud metadata service\ncurl -b \"PHPSESSID=USER_SESSION\" \\\n -X POST \"https://your-avideo-instance.com/objects/videoAddNew.json.php\" \\\n -d \"title=Test+Video\u0026epg_link=http://169.254.169.254/latest/meta-data/iam/security-credentials/\"\n```\n\n3. Trigger the EPG parser by visiting the video\u0027s EPG page, or wait for the next page load that processes EPG data:\n\n```bash\ncurl -b \"PHPSESSID=USER_SESSION\" \\\n \"https://your-avideo-instance.com/plugin/Live/view/Live_schedule/?videos_id=VIDEO_ID\"\n```\n\n4. To scan internal ports, set the EPG link to various internal addresses:\n\n```bash\n# Scan an internal service\ncurl -b \"PHPSESSID=USER_SESSION\" \\\n -X POST \"https://your-avideo-instance.com/objects/videoAddNew.json.php\" \\\n -d \"title=Test+Video\u0026epg_link=http://127.0.0.1:6379/\"\n```\n\n5. The server fetches the URL via `file_get_contents()`. Response differences (timing, error messages, or returned content via EPG display) reveal whether internal services are running.\n\n## Impact\n\nAn authenticated user with upload permissions can force the AVideo server to make HTTP requests to arbitrary internal and external targets. This enables scanning of internal networks, access to cloud instance metadata (potentially exposing IAM credentials on AWS/GCP/Azure), and interaction with internal services that are not intended to be externally accessible. The stored nature of this SSRF means it re-executes on every page visit, amplifying the impact.\n\n- **CWE-918**: Server-Side Request Forgery (SSRF)\n- **Severity**: Medium\n\n## Recommended Fix\n\nAdd an `isSSRFSafeURL()` check before the `file_get_contents()` call at `objects/EpgParser.php:355`:\n\n```php\nif (function_exists(\u0027isSSRFSafeURL\u0027) \u0026\u0026 !isSSRFSafeURL($this-\u003eurl)) {\n throw new \\RuntimeException(\u0027URL blocked by SSRF protection\u0027);\n}\n```\n\nThis reuses the existing SSRF protection function that is already applied in other code paths.\n\n---\n*Found by [aisafe.io](https://aisafe.io)*",
"id": "GHSA-x5vx-vrpf-r45f",
"modified": "2026-04-01T21:08:40Z",
"published": "2026-04-01T21:08:40Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/WWBN/AVideo/security/advisories/GHSA-x5vx-vrpf-r45f"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34740"
},
{
"type": "WEB",
"url": "https://github.com/WWBN/AVideo/commit/677d1a314d46abce457c7b662afbb58b0d9f17a2"
},
{
"type": "PACKAGE",
"url": "https://github.com/WWBN/AVideo"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "AVideo: Stored SSRF via Video EPG Link Missing isSSRFSafeURL() Validation"
}
GHSA-X63R-JX45-482M
Vulnerability from github – Published: 2026-03-09 18:31 – Updated: 2026-03-11 15:31An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in oslabs-beta ThermaKube master.
{
"affected": [],
"aliases": [
"CVE-2025-70042"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-09T16:16:15Z",
"severity": "CRITICAL"
},
"details": "An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in oslabs-beta ThermaKube master.",
"id": "GHSA-x63r-jx45-482m",
"modified": "2026-03-11T15:31:36Z",
"published": "2026-03-09T18:31:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-70042"
},
{
"type": "WEB",
"url": "https://gist.github.com/zcxlighthouse/5a6d15611456de619e4be36f7d2a0ee7"
},
{
"type": "WEB",
"url": "https://github.com/oslabs-beta"
},
{
"type": "WEB",
"url": "https://github.com/oslabs-beta/ThermaKube"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X698-9G95-CHP7
Vulnerability from github – Published: 2023-06-08 21:30 – Updated: 2024-04-04 04:40Pydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job "remote-download" can be used to cause the backend to send a HTTP GET request to a specified URL and save the response to a new file. The response file is then available in a user-specified folder in Pydio Cells.
{
"affected": [],
"aliases": [
"CVE-2023-32750"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-08T21:15:17Z",
"severity": "MODERATE"
},
"details": "Pydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job \"remote-download\" can be used to cause the backend to send a HTTP GET request to a specified URL and save the response to a new file. The response file is then available in a user-specified folder in Pydio Cells.",
"id": "GHSA-x698-9g95-chp7",
"modified": "2024-04-04T04:40:57Z",
"published": "2023-06-08T21:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32750"
},
{
"type": "WEB",
"url": "https://www.redteam-pentesting.de/advisories/rt-sa-2023-005"
},
{
"type": "WEB",
"url": "https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X6F8-H6VP-666P
Vulnerability from github – Published: 2025-08-26 00:31 – Updated: 2025-08-26 18:31Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex method.
{
"affected": [],
"aliases": [
"CVE-2024-46413"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-25T15:15:35Z",
"severity": "MODERATE"
},
"details": "Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex method.",
"id": "GHSA-x6f8-h6vp-666p",
"modified": "2025-08-26T18:31:14Z",
"published": "2025-08-26T00:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46413"
},
{
"type": "WEB",
"url": "https://github.com/RacerZ-fighting/CVE-vulns/blob/main/rebuild%203.7.7.md"
},
{
"type": "WEB",
"url": "https://github.com/RacerZ-fighting/rebuild-vulns/blob/main/rebuild%203.7.7.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X6M9-GXVR-7JPV
Vulnerability from github – Published: 2026-04-01 23:21 – Updated: 2026-04-06 22:54Summary
passthrough() and apassthrough() in praisonai accept a caller-controlled api_base parameter that is concatenated with endpoint and passed directly to httpx.Client.request() when the litellm primary path raises AttributeError. No URL scheme validation, private IP filtering, or domain allowlist is applied, allowing requests to any host reachable from the server.
Details
passthrough.py:92 (source) -> passthrough.py:109 (fallback trigger) -> passthrough.py:110 (sink)
# source -- api_base taken directly from caller
def passthrough(endpoint, api_base=None, method="GET", ...):
# fallback trigger -- AttributeError from unrecognised provider enters fallback
except AttributeError:
url = f"{api_base or 'https://api.openai.com'}{endpoint}"
# sink -- no validation before request
response = client.request(method, url=url, ...)
PoC
# tested on: praisonai 1.5.87 (source install)
# install: pip install -e src/praisonai
# start listener: python3 -m http.server 8888
import sys, litellm
sys.path.insert(0, 'src/praisonai')
del litellm.llm_passthrough_route
from praisonai.capabilities.passthrough import passthrough
result = passthrough(
endpoint="/ssrf-test",
api_base="http://127.0.0.1:8888",
method="GET",
custom_llm_provider="__nonexistent__",
)
print(result)
# expected output: PassthroughResult(data='...', status_code=404, headers={'server': 'SimpleHTTP/0.6 Python/3.12.3', ...})
# listener logs: "GET /ssrf-test HTTP/1.1" 404
# on EC2 with IMDSv1: api_base="http://169.254.169.254" returns IAM credentials
Impact
On cloud infrastructure with IMDSv1 enabled, an attacker can retrieve IAM credentials via the EC2 metadata service. Internal services (Redis, Elasticsearch, Kubernetes API) are reachable without authentication from within the VPC. The Flask API server deploys with AUTH_ENABLED = False by default, making this reachable over the network without credentials.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.5.89"
},
"package": {
"ecosystem": "PyPI",
"name": "praisonai"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.5.90"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34936"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T23:21:45Z",
"nvd_published_at": "2026-04-03T23:17:05Z",
"severity": "HIGH"
},
"details": "### Summary\n\n`passthrough()` and `apassthrough()` in `praisonai` accept a caller-controlled `api_base` parameter that is concatenated with `endpoint` and passed directly to `httpx.Client.request()` when the litellm primary path raises `AttributeError`. No URL scheme validation, private IP filtering, or domain allowlist is applied, allowing requests to any host reachable from the server.\n\n### Details\n\n`passthrough.py:92` (source) -\u003e `passthrough.py:109` (fallback trigger) -\u003e `passthrough.py:110` (sink)\n```python\n# source -- api_base taken directly from caller\ndef passthrough(endpoint, api_base=None, method=\"GET\", ...):\n\n# fallback trigger -- AttributeError from unrecognised provider enters fallback\nexcept AttributeError:\n url = f\"{api_base or \u0027https://api.openai.com\u0027}{endpoint}\"\n\n# sink -- no validation before request\n response = client.request(method, url=url, ...)\n```\n\n### PoC\n```python\n# tested on: praisonai 1.5.87 (source install)\n# install: pip install -e src/praisonai\n# start listener: python3 -m http.server 8888\nimport sys, litellm\nsys.path.insert(0, \u0027src/praisonai\u0027)\ndel litellm.llm_passthrough_route\n\nfrom praisonai.capabilities.passthrough import passthrough\n\nresult = passthrough(\n endpoint=\"/ssrf-test\",\n api_base=\"http://127.0.0.1:8888\",\n method=\"GET\",\n custom_llm_provider=\"__nonexistent__\",\n)\nprint(result)\n# expected output: PassthroughResult(data=\u0027...\u0027, status_code=404, headers={\u0027server\u0027: \u0027SimpleHTTP/0.6 Python/3.12.3\u0027, ...})\n# listener logs: \"GET /ssrf-test HTTP/1.1\" 404\n# on EC2 with IMDSv1: api_base=\"http://169.254.169.254\" returns IAM credentials\n```\n\n### Impact\n\nOn cloud infrastructure with IMDSv1 enabled, an attacker can retrieve IAM credentials via the EC2 metadata service. Internal services (Redis, Elasticsearch, Kubernetes API) are reachable without authentication from within the VPC. The Flask API server deploys with `AUTH_ENABLED = False` by default, making this reachable over the network without credentials.",
"id": "GHSA-x6m9-gxvr-7jpv",
"modified": "2026-04-06T22:54:03Z",
"published": "2026-04-01T23:21:45Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-x6m9-gxvr-7jpv"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34936"
},
{
"type": "PACKAGE",
"url": "https://github.com/MervinPraison/PraisonAI"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "PraisonAI: SSRF via Unvalidated api_base in passthrough() Fallback"
}
GHSA-X6MJ-W4JF-JMGW
Vulnerability from github – Published: 2022-02-15 01:57 – Updated: 2023-09-18 22:44The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services).
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "k8s.io/kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "1.18.0"
},
{
"fixed": "1.18.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "k8s.io/kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "1.17.0"
},
{
"fixed": "1.17.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "k8s.io/kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "1.16.0"
},
{
"fixed": "1.16.9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "k8s.io/kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.15.12"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-8555"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-13T20:13:43Z",
"nvd_published_at": "2020-06-05T17:15:00Z",
"severity": "MODERATE"
},
"details": "The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master\u0027s host network (such as link-local or loopback services).",
"id": "GHSA-x6mj-w4jf-jmgw",
"modified": "2023-09-18T22:44:56Z",
"published": "2022-02-15T01:57:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8555"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/issues/91542"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/pull/89794"
},
{
"type": "WEB",
"url": "https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20200724-0005"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/06/01/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/05/04/8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Server Side Request Forgery (SSRF) in Kubernetes"
}
GHSA-X6V9-4FG2-25CW
Vulnerability from github – Published: 2023-09-16 09:30 – Updated: 2024-04-04 07:42The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.9.7 via the 'link' parameter. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
{
"affected": [],
"aliases": [
"CVE-2023-3025"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-16T09:15:07Z",
"severity": "HIGH"
},
"details": "The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.9.7 via the \u0027link\u0027 parameter. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.",
"id": "GHSA-x6v9-4fg2-25cw",
"modified": "2024-04-04T07:42:49Z",
"published": "2023-09-16T09:30:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3025"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/dropbox-folder-share/trunk/HynoTech/DropboxFolderShare/Principal.php#L118"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d62bd2bd-db01-479f-89e4-8031d69a912f?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X757-HV69-JR45
Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-21 21:16The /openai/models endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change the OpenAI URL to any URL without checks, causing the endpoint to send a request to the specified URL and return the output. This vulnerability allows the attacker to access internal services and potentially gain command execution by accessing instance secrets.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "open-webui"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.3.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-7959"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-21T21:16:29Z",
"nvd_published_at": "2025-03-20T10:15:38Z",
"severity": "HIGH"
},
"details": "The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change the OpenAI URL to any URL without checks, causing the endpoint to send a request to the specified URL and return the output. This vulnerability allows the attacker to access internal services and potentially gain command execution by accessing instance secrets.",
"id": "GHSA-x757-hv69-jr45",
"modified": "2025-03-21T21:16:29Z",
"published": "2025-03-20T12:32:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7959"
},
{
"type": "PACKAGE",
"url": "https://github.com/open-webui/open-webui"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/3c8bea0a-d678-4d67-bb9c-2b5b610a2193"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Open WebUI has SSRF in /openai/models"
}
No mitigation information available for this CWE.
CAPEC-664: Server Side Request Forgery
An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.