Common Weakness Enumeration

CWE-918

Allowed

Server-Side Request Forgery (SSRF)

Abstraction: Base · Status: Incomplete

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

4587 vulnerabilities reference this CWE, most recent first.

GHSA-XQRP-5PXM-3QXH

Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03
VLAI
Details

Server-Side request forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.15-3563 allows remote authenticated users to read arbitrary files via unspecified vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-33184"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-01T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "Server-Side request forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.15-3563 allows remote authenticated users to read arbitrary files via unspecified vectors.",
  "id": "GHSA-xqrp-5pxm-3qxh",
  "modified": "2022-05-24T19:03:43Z",
  "published": "2022-05-24T19:03:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33184"
    },
    {
      "type": "WEB",
      "url": "https://www.synology.com/security/advisory/Synology_SA_20_23"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-XQXH-CQ77-R6QH

Vulnerability from github – Published: 2021-12-18 00:00 – Updated: 2026-03-09 21:31
VLAI
Details

VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22054"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-17T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information.",
  "id": "GHSA-xqxh-cq77-r6qh",
  "modified": "2026-03-09T21:31:32Z",
  "published": "2021-12-18T00:00:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22054"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22054"
    },
    {
      "type": "WEB",
      "url": "https://www.greynoise.io/blog/new-ssrf-exploitation-surge"
    },
    {
      "type": "WEB",
      "url": "https://www.vmware.com/security/advisories/VMSA-2021-0029.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XR49-QH48-CFF9

Vulnerability from github – Published: 2024-04-03 03:30 – Updated: 2024-08-01 15:31
VLAI
Details

Server Side Request Forgery (SSRF) vulnerability in Friendica versions after v.2023.12, allows a remote attacker to execute arbitrary code and obtain sensitive information via the fpostit.php component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-25864"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-03T03:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "Server Side Request Forgery (SSRF) vulnerability in Friendica versions after v.2023.12, allows a remote attacker to execute arbitrary code and obtain sensitive information via the fpostit.php component.",
  "id": "GHSA-xr49-qh48-cff9",
  "modified": "2024-08-01T15:31:36Z",
  "published": "2024-04-03T03:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25864"
    },
    {
      "type": "WEB",
      "url": "https://github.com/friendica/friendica/issues/13877"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XR7V-J379-34V9

Vulnerability from github – Published: 2026-01-28 21:41 – Updated: 2026-01-28 21:41
VLAI
Summary
NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality
Details

Summary

A blind Server-Side Request Forgery (SSRF) vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, the initial metadata request executes without validation.

This allows limited outbound requests to arbitrary URLs before SSRF controls are applied.


Vulnerability Details

The uploadViaURL() function issues an axios.head() request to retrieve metadata (content type, content length, and final URL after redirects). This request is performed without SSRF filtering.

Although the actual file download is protected by request filtering, the initial HEAD request occurs prior to these checks and can be triggered with an attacker-controlled URL.

Vulnerable Code

if (!url.startsWith('data:')) {
  response = await axios.head(url, { maxRedirects: 5 });
  mimeType = response.headers['content-type']?.split(';')[0];
  size = response.headers['content-length'];
  finalUrl = response.request.res.responseUrl;
}

Impact

The impact of this issue is limited due to the following constraints:

  • Only HEAD requests are affected (no response body is returned)
  • No direct exfiltration of response data occurs
  • The subsequent file-fetching logic enforces SSRF protections

However, the vulnerability may still allow:

  • Blind SSRF via outbound HEAD requests
  • Limited internal service probing (reachability and response behavior)
  • Interaction with sensitive internal endpoints that respond to HEAD requests

This issue does not provide arbitrary data access or full internal network compromise on its own.


Severity

Moderate

The vulnerability is limited in scope and impact:

  • Only HEAD requests are affected
  • No response body or sensitive data is directly returned
  • The actual file download logic enforces SSRF protections

While the issue permits blind outbound requests to attacker-controlled URLs, it does not enable direct data exfiltration or full internal network compromise on its own.


Proof of Concept

curl -X POST 'http://localhost:8080/api/v2/storage/upload-by-url' \
  -H 'Content-Type: application/json' \
  -H 'xc-auth: <token>' \
  -d '[{
    "url": "http://169.254.169.254/latest/meta-data/",
    "fileName": "test.txt"
  }]'

This request causes the server to issue an unfiltered HEAD request before SSRF protections are applied.


Acknowledgements

This issue was first identified and responsibly disclosed by Faizan Raza of Kolega.dev as part of a security assessment using Kolega.dev Deep Code Scan, including validation and fix recommendations.

NocoDB also acknowledges Neel B for independently reporting the same issue prior to publication.

NocoDB thanks Kolega.dev for their contribution to improving the security posture of the project.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "nocodb"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.301.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-24767"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-28T21:41:18Z",
    "nvd_published_at": "2026-01-28T21:16:12Z",
    "severity": "MODERATE"
  },
  "details": "## Summary\n\nA **blind Server-Side Request Forgery (SSRF)** vulnerability exists in the `uploadViaURL` functionality due to an unprotected `HEAD` request. While the subsequent file retrieval logic correctly enforces SSRF protections, the initial metadata request executes without validation.\n\nThis allows limited outbound requests to arbitrary URLs before SSRF controls are applied.\n\n---\n\n## Vulnerability Details\n\nThe `uploadViaURL()` function issues an `axios.head()` request to retrieve metadata (content type, content length, and final URL after redirects). This request is performed **without SSRF filtering**.\n\nAlthough the actual file download is protected by request filtering, the initial `HEAD` request occurs prior to these checks and can be triggered with an attacker-controlled URL.\n\n### Vulnerable Code\n\n```ts\nif (!url.startsWith(\u0027data:\u0027)) {\n  response = await axios.head(url, { maxRedirects: 5 });\n  mimeType = response.headers[\u0027content-type\u0027]?.split(\u0027;\u0027)[0];\n  size = response.headers[\u0027content-length\u0027];\n  finalUrl = response.request.res.responseUrl;\n}\n```\n\n---\n\n## Impact\n\nThe impact of this issue is **limited** due to the following constraints:\n\n* Only `HEAD` requests are affected (no response body is returned)\n* No direct exfiltration of response data occurs\n* The subsequent file-fetching logic enforces SSRF protections\n\nHowever, the vulnerability may still allow:\n\n* **Blind SSRF** via outbound `HEAD` requests\n* **Limited internal service probing** (reachability and response behavior)\n* **Interaction with sensitive internal endpoints** that respond to `HEAD` requests\n\nThis issue does **not** provide arbitrary data access or full internal network compromise on its own.\n\n---\n\n## Severity\n\n**Moderate**\n\nThe vulnerability is limited in scope and impact:\n\n* Only `HEAD` requests are affected\n* No response body or sensitive data is directly returned\n* The actual file download logic enforces SSRF protections\n\nWhile the issue permits blind outbound requests to attacker-controlled URLs, it does not enable direct data exfiltration or full internal network compromise on its own.\n\n---\n\n## Proof of Concept\n\n```bash\ncurl -X POST \u0027http://localhost:8080/api/v2/storage/upload-by-url\u0027 \\\n  -H \u0027Content-Type: application/json\u0027 \\\n  -H \u0027xc-auth: \u003ctoken\u003e\u0027 \\\n  -d \u0027[{\n    \"url\": \"http://169.254.169.254/latest/meta-data/\",\n    \"fileName\": \"test.txt\"\n  }]\u0027\n```\n\nThis request causes the server to issue an unfiltered `HEAD` request before SSRF protections are applied.\n\n---\n\n## Acknowledgements\n\nThis issue was first identified and responsibly disclosed by Faizan Raza of Kolega.dev as part of a security assessment using Kolega.dev Deep Code Scan, including validation and fix recommendations.\n\nNocoDB also acknowledges Neel B for independently reporting the same issue prior to publication.\n\nNocoDB thanks Kolega.dev for their contribution to improving the security posture of the project.",
  "id": "GHSA-xr7v-j379-34v9",
  "modified": "2026-01-28T21:41:18Z",
  "published": "2026-01-28T21:41:18Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nocodb/nocodb/security/advisories/GHSA-xr7v-j379-34v9"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24767"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nocodb/nocodb"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality"
}

GHSA-XR9H-9M79-X29G

Vulnerability from github – Published: 2021-03-01 19:38 – Updated: 2021-02-24 06:59
VLAI
Summary
SSRF in Rendertron
Details

Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery (SSRF) attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are to upgrade your rendertron to version 3.0.0, or, if you cannot update, to secure the infrastructure to limit the headless chrome's access to your internal domain.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "rendertron"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-8902"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-02-24T06:59:10Z",
    "nvd_published_at": "2021-02-23T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery (SSRF) attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are to upgrade your rendertron to version 3.0.0, or, if you cannot update, to secure the infrastructure to limit the headless chrome\u0027s access to your internal domain.",
  "id": "GHSA-xr9h-9m79-x29g",
  "modified": "2021-02-24T06:59:10Z",
  "published": "2021-03-01T19:38:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8902"
    },
    {
      "type": "WEB",
      "url": "https://github.com/GoogleChrome/rendertron/releases/tag/3.0.0"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/package/rendertron"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "SSRF in Rendertron"
}

GHSA-XRC8-933J-F74C

Vulnerability from github – Published: 2026-04-03 00:31 – Updated: 2026-04-03 00:31
VLAI
Details

Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate privileges over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-33107"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-03T00:16:05Z",
    "severity": "CRITICAL"
  },
  "details": "Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate privileges over a network.",
  "id": "GHSA-xrc8-933j-f74c",
  "modified": "2026-04-03T00:31:09Z",
  "published": "2026-04-03T00:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33107"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33107"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XRRR-C6CX-2756

Vulnerability from github – Published: 2025-05-25 03:30 – Updated: 2025-05-25 03:30
VLAI
Details

A vulnerability classified as critical has been found in Seeyon Zhiyuan OA Web Application System up to 8.1 SP2. This affects the function this.oursNetService.getData of the file com\ours\www\ehr\openPlatform1\open4ClientType\controller\ThirdMenuController.class. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-5140"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-25T02:15:22Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as critical has been found in Seeyon Zhiyuan OA Web Application System up to 8.1 SP2. This affects the function this.oursNetService.getData of the file com\\ours\\www\\ehr\\openPlatform1\\open4ClientType\\controller\\ThirdMenuController.class. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-xrrr-c6cx-2756",
  "modified": "2025-05-25T03:30:30Z",
  "published": "2025-05-25T03:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5140"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.310221"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.310221"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.574440"
    },
    {
      "type": "WEB",
      "url": "https://wx.mail.qq.com/s?k=i0-p-2N4MHcFOeM00E"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-XRWR-FCW6-FMQ8

Vulnerability from github – Published: 2026-04-16 20:43 – Updated: 2026-04-16 20:43
VLAI
Summary
Weblate: SSRF via Project-Level Machinery Configuration
Details

Impact

A user with the project.edit permission (granted by the per-project "Administration" role) can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate makes an HTTP request to the attacker-controlled URL and reflects up to 200 characters of the response body back to the user in an error message. This constitutes a Server-Side Request Forgery (SSRF) with partial response read.

Patches

  • https://github.com/WeblateOrg/weblate/pull/18684
  • The solution then has been cleaned up in followup patches

Workarounds

Limiting available machinery services via WEBLATE_MACHINERY setting can avoid this.

References

Thanks to @DavidCarliez for disclosing this via GitHub private vulnerability reporting.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "weblate"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-34244"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-16T20:43:38Z",
    "nvd_published_at": "2026-04-15T19:16:35Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nA user with the `project.edit` permission (granted by the per-project \"Administration\" role) can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate makes an HTTP request to the attacker-controlled URL and reflects up to 200 characters of the response body back to the user in an error message. This constitutes a Server-Side Request Forgery (SSRF) with partial response read.\n\n### Patches\n\n* https://github.com/WeblateOrg/weblate/pull/18684\n* The solution then has been cleaned up in followup patches\n\n### Workarounds\nLimiting available machinery services via WEBLATE_MACHINERY setting can avoid this.\n\n### References\n\nThanks to @DavidCarliez for disclosing this via GitHub private vulnerability reporting.",
  "id": "GHSA-xrwr-fcw6-fmq8",
  "modified": "2026-04-16T20:43:38Z",
  "published": "2026-04-16T20:43:38Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/WeblateOrg/weblate/security/advisories/GHSA-xrwr-fcw6-fmq8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34244"
    },
    {
      "type": "WEB",
      "url": "https://github.com/WeblateOrg/weblate/pull/18684"
    },
    {
      "type": "WEB",
      "url": "https://github.com/WeblateOrg/weblate/commit/e619e9090202e4886b844c110d39308e7e882c0e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/WeblateOrg/weblate"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Weblate: SSRF via Project-Level Machinery Configuration "
}

GHSA-XRXM-CP7J-8XF6

Vulnerability from github – Published: 2026-06-15 16:39 – Updated: 2026-06-15 16:39
VLAI
Summary
@angular/platform-server: URL Parser Differential leading to SSRF Allowlist Bypass
Details

An issue in the @angular/platform-server package allows remote attackers to bypass host allowlist constraints and direct server-side outgoing requests to arbitrary external endpoints. This occurs due to a parser differential between the strict WHATWG URL parser used for allowlist validation and the lenient Domino URL parser used to initialize the server emulated DOM.

When a server-side request contains a malformed URL with a double port structure (e.g., http://evil.com:80:80/path), Node's strict URL.canParse(url) logic returns false and skips host check validation entirely. However, the same malformed URL is later accepted and parsed leniently by Domino's internal parser, which resolves the origin to http://evil.com:80. The Angular SSR HTTP request interceptor (relativeUrlsTransformerInterceptorFn) then resolves all relative backend HTTP requests against this adopted origin, executing the SSRF attack.

Impact

Any Angular application utilizing server-side rendering (@angular/platform-server) that configures host routing allowlists (allowedHosts) is vulnerable to this allowlist bypass.

By sending an HTTP request with a malformed Host header (e.g. Host: evil.com:80:80) or an absolute-form request URI, an attacker can bypass the allowlist logic completely (even when configured with a strict default deny setup). The SSR application will then route all relative HttpClient outgoing API queries—which commonly carry sensitive credentials, session cookies, and internal authorization tokens—to the attacker-controlled server instead of the intended backend services. Additionally, the attacker can supply custom payloads back to the emulated DOM, leading to response injection and content poisoning within the rendered HTML served to users.

Attack Preconditions

To successfully exploit this vulnerability, the following environment parameters and application states must all concurrently exist:

  1. Active Server-Side Rendering (SSR): The application must be configured to run with Angular Server-Side Rendering (@angular/platform-server).
  2. Host Header/URI Propagation: The SSR handler must reconstruct the request URL using raw client inputs (such as request Host headers or absolute-form URIs) and pass it as config.url to the rendering API (renderApplication or renderModule).
  3. Outbound Relative HTTP Requests: The server application must perform outbound backend API requests using relative paths (e.g., this.http.get('/api/data')) that undergo base-URL interceptor rewriting.
  4. Enabled Allowed Hosts Check: The server must use the framework-provided allowedHosts options to limit valid server locations.

Patches

  • 22.0.0-rc.2
  • 21.2.15
  • 20.3.22
  • 19.2.23
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@angular/platform-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "22.0.0-next.0"
            },
            {
              "fixed": "22.0.0-rc.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@angular/platform-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "20.0.0-next.0"
            },
            {
              "fixed": "20.3.22"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@angular/platform-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "19.0.0-next.0"
            },
            {
              "fixed": "19.2.23"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@angular/platform-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "18.2.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@angular/platform-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "21.0.0-next.0"
            },
            {
              "fixed": "21.2.15"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-50168"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-346",
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-15T16:39:20Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "An issue in the `@angular/platform-server` package allows remote attackers to bypass host allowlist constraints and direct server-side outgoing requests to arbitrary external endpoints. This occurs due to a parser differential between the strict WHATWG URL parser used for allowlist validation and the lenient Domino URL parser used to initialize the server emulated DOM.\n\nWhen a server-side request contains a malformed URL with a double port structure (e.g., `http://evil.com:80:80/path`), Node\u0027s strict `URL.canParse(url)` logic returns `false` and skips host check validation entirely. However, the same malformed URL is later accepted and parsed leniently by Domino\u0027s internal parser, which resolves the origin to `http://evil.com:80`. The Angular SSR HTTP request interceptor (`relativeUrlsTransformerInterceptorFn`) then resolves all relative backend HTTP requests against this adopted origin, executing the SSRF attack.\n\n### Impact\n\nAny Angular application utilizing server-side rendering (`@angular/platform-server`) that configures host routing allowlists (`allowedHosts`) is vulnerable to this allowlist bypass. \n\nBy sending an HTTP request with a malformed Host header (e.g. `Host: evil.com:80:80`) or an absolute-form request URI, an attacker can bypass the allowlist logic completely (even when configured with a strict default deny setup). The SSR application will then route all relative `HttpClient` outgoing API queries\u2014which commonly carry sensitive credentials, session cookies, and internal authorization tokens\u2014to the attacker-controlled server instead of the intended backend services. Additionally, the attacker can supply custom payloads back to the emulated DOM, leading to response injection and content poisoning within the rendered HTML served to users.\n\n### Attack Preconditions\n\nTo successfully exploit this vulnerability, the following environment parameters and application states must all concurrently exist:\n\n1. **Active Server-Side Rendering (SSR):** The application must be configured to run with Angular Server-Side Rendering (`@angular/platform-server`).\n2. **Host Header/URI Propagation:** The SSR handler must reconstruct the request URL using raw client inputs (such as request Host headers or absolute-form URIs) and pass it as `config.url` to the rendering API (`renderApplication` or `renderModule`).\n3. **Outbound Relative HTTP Requests:** The server application must perform outbound backend API requests using relative paths (e.g., `this.http.get(\u0027/api/data\u0027)`) that undergo base-URL interceptor rewriting.\n4. **Enabled Allowed Hosts Check:** The server must use the framework-provided `allowedHosts` options to limit valid server locations.\n\n### Patches\n\n* 22.0.0-rc.2\n* 21.2.15\n* 20.3.22\n* 19.2.23",
  "id": "GHSA-xrxm-cp7j-8xf6",
  "modified": "2026-06-15T16:39:20Z",
  "published": "2026-06-15T16:39:20Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/angular/angular/security/advisories/GHSA-xrxm-cp7j-8xf6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/angular/angular/pull/68928"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/angular/angular"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "@angular/platform-server: URL Parser Differential leading to SSRF Allowlist Bypass"
}

GHSA-XV9C-V5PW-JXVF

Vulnerability from github – Published: 2026-07-13 09:31 – Updated: 2026-07-13 09:31
VLAI
Details

A Server-Side Request Forgery (SSRF) protection bypass existed in the html_to_markdown expansion module of misp-modules.

The module attempts to prevent requests to loopback, private, link-local, and other restricted IP address ranges. However, IP addresses were compared against the blocked ranges without first normalising IPv4-mapped IPv6 addresses.

An authenticated attacker able to invoke the module could supply an IPv4-mapped IPv6 address, such as:

http://[::ffff:127.0.0.1]/ http://[::ffff:169.254.169.254]/

Alternatively, the attacker could use a hostname that resolves to an IPv4-mapped IPv6 address. These addresses were treated as IPv6 addresses and therefore did not match the corresponding blocked IPv4 ranges.

Successful exploitation could cause the misp-modules server to connect to services available through its loopback interface, internal network, or link-local network. This could expose internal web services, administrative interfaces, or cloud instance metadata, with retrieved content potentially returned to the attacker as converted Markdown.

The vulnerability has been addressed by normalising IPv4-mapped IPv6 addresses to their underlying IPv4 representation before applying the blocked-range checks. URLs without a valid hostname are now also rejected.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-62143"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-13T09:16:24Z",
    "severity": "HIGH"
  },
  "details": "A Server-Side Request Forgery (SSRF) protection bypass existed in the html_to_markdown expansion module of misp-modules.\n\nThe module attempts to prevent requests to loopback, private, link-local, and other restricted IP address ranges. However, IP addresses were compared against the blocked ranges without first normalising IPv4-mapped IPv6 addresses.\n\nAn authenticated attacker able to invoke the module could supply an IPv4-mapped IPv6 address, such as:\n\nhttp://[::ffff:127.0.0.1]/\nhttp://[::ffff:169.254.169.254]/\n\nAlternatively, the attacker could use a hostname that resolves to an IPv4-mapped IPv6 address. These addresses were treated as IPv6 addresses and therefore did not match the corresponding blocked IPv4 ranges.\n\nSuccessful exploitation could cause the misp-modules server to connect to services available through its loopback interface, internal network, or link-local network. This could expose internal web services, administrative interfaces, or cloud instance metadata, with retrieved content potentially returned to the attacker as converted Markdown.\n\nThe vulnerability has been addressed by normalising IPv4-mapped IPv6 addresses to their underlying IPv4 representation before applying the blocked-range checks. URLs without a valid hostname are now also rejected.",
  "id": "GHSA-xv9c-v5pw-jxvf",
  "modified": "2026-07-13T09:31:43Z",
  "published": "2026-07-13T09:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-62143"
    },
    {
      "type": "WEB",
      "url": "https://github.com/MISP/misp-modules/commit/3bae4108a3ba1e507727d5264697fd7303ba0b89"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:Green",
      "type": "CVSS_V4"
    }
  ]
}

No mitigation information available for this CWE.

CAPEC-664: Server Side Request Forgery

An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.