Imgur: SSRF in https://imgur.com/vidgif/url

🗓️ 10 Feb 2016 18:53:22Reported by aesteralType

The imgur.com/vidgif/url endpoint is vulnerable to a SSRF vulnerability allowing an attacker to craft connections to any destination on the internet and imgur internal network, and craft outgoing UDP-packets/telnet-based protocol sessions

Reporter	Title	Published	Views	Family All 174
IBM Security Bulletins	Security Bulletin: Vulnerability in libssh2 affects SAN Volume Controller and Storwize Family (CVE-2015-1782)	29 Mar 202301:48	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in libssh2 affects PowerKVM (CVE-2015-1782)	18 Jun 201801:30	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in libcurl and cURL affect Rational DOORS (CVE-2015-3143, CVE-2015-3144, CVE-2015-3145, CVE-2015-3148, CVE-2015-3153, CVE-2015-3236)	1 May 202008:19	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in libcURL affects IBM Tivoli Netcool System Service Monitors/Application Service Monitors (CVE-2015-3237)	17 Jun 201815:21	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in cURL libcURL affect IBM Tivoli Netcool System Service Monitors/Application Service Monitors (CVE-2015-3144 and CVE-2015-3145)	17 Jun 201815:02	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in cURL libcURL affect IBM Tivoli Composite Application Manager for Transactions (CVE-2015-3143, CVE-2015-3144 and CVE-2015-3145)	17 Jun 201815:02	–	ibm
ALT Linux	Security fix for the ALT Linux 8 package libssh2 version 1.4.3-alt2	25 Nov 201500:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package curl version 7.43.0-alt1	19 Jun 201500:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package curl version 7.42.0-alt1	22 Apr 201500:00	–	altlinux
Tenable Nessus	cURL / libcURL 7.x < 7.42.0 Multiple Vulnerabilities	15 Sep 201500:00	–	nessus

12 Mar 2016 07:09Current

9High risk

Vulners AI Score9

EPSS0.05127