Lucene search
MitreCVELIST:CVE-2023-28155HistoryMar 16, 2023 - 12:00 a.m.
CVE-2023-28155
2023-03-1600:00:00
mitre
raw.githubusercontent.com
3
The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Related
wolfi
wolfi
CVE-2023-28155 vulnerabilities
2024-04-30 09:06:13
cgr
cgr
CVE-2023-28155 vulnerabilities
2024-05-19 03:07:16
cbl_mariner
cbl_mariner
CVE-2023-28155 affecting package reaper for versions less than 3.1.1-7
2024-03-19 17:21:46
CVE-2023-28155 affecting package nodejs 14.21.1-1
2023-06-13 20:02:41
CVE-2023-28155 affecting package reaper for versions less than 3.1.1-5
2023-06-02 21:37:28
ibm
ibm
prion
prion
Design/Logic Flaw
2023-03-16 15:15:00
ubuntucve
ubuntucve
CVE-2023-28155
2023-03-16 00:00:00
cve
cve
CVE-2023-28155
2023-03-16 15:15:11
osv
osv
CVE-2023-28155
2023-03-16 15:15:11
Server-Side Request Forgery in Request
2023-03-16 15:30:19
debiancve
debiancve
CVE-2023-28155
2023-03-16 15:15:11
veracode
veracode
Server-Side Request Forgery (SSRF)
2023-03-18 08:38:01
github
github
Server-Side Request Forgery in Request
2023-03-16 15:30:19