Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Server-side request forgery in CarrierWave

🗓️ 08 Feb 2021 19:26:16Reported by GitHub Advisory DatabaseType 
github
 github🔗 github.com👁 37 Views

Server-side request forgery in CarrierWave. Vulnerability in download feature allows SSRF attacks to gather internal network information

Show more
Related
Detection
Refs
ReporterTitlePublishedViews
Family
CVE		CVE-2021-21288
8 Feb 202120:15
cve
OSV		CVE-2021-21288
8 Feb 202120:15
osv
OSV		Server-side request forgery in CarrierWave
8 Feb 202119:16
osv
UbuntuCve		CVE-2021-21288
8 Feb 202100:00
ubuntucve
Prion		Design/Logic Flaw
8 Feb 202120:15
prion
NVD		CVE-2021-21288
8 Feb 202120:15
nvd
Debian CVE		CVE-2021-21288
8 Feb 202120:15
debiancve
Cvelist		CVE-2021-21288 Server-side request forgery in CarrierWave
8 Feb 202119:15
cvelist
RubySec		Server-side request forgery in CarrierWave
7 Feb 202121:00
rubygems
FreeBSD		Carrierwave -- Multiple vulnerabilities
8 Feb 202100:00
freebsd
Rows per page
Vulners
Node
carrierwave_projectcarrierwaveRange2.0.02.1.1
OR
carrierwave_projectcarrierwaveRange<1.3.2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
08 Feb 2021 19:16Current
2.7Low risk
Vulners AI Score2.7
CVSS24
CVSS34.3
EPSS0.002
CWE-918
carrierwavessrfvulnerabilityintranetupgradepreventioncheat sheetnetwork segmentationisolated server
37
.json
Report