Lucene search

CVE-2023-28155

🗓️ 16 Mar 2023 15:11:15Reported by [email protected]Type

Node.js Request package SSRF bypass vulnerabilit

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 38
IBM Security Bulletins	Security Bulletin: Decision Optimization for Cloud Pak for Data is vulnerable to a server-side request forgery (CVE-2023-28155).	1 Aug 202316:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js Request module denial of service vulnerabilitiy [ CVE-2023-28155]	18 Jul 202314:02	–	ibm
IBM Security Bulletins	Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to Node.js Request module (CVE-2023-28155)	18 May 202312:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - AI Broker component uses request-2.88.2.tgz which is vulnerable to this CVE-2023-28155	9 Sep 202408:12	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to server-side request forgery due to [CVE-2023-28155]	27 Jul 202315:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Event Streams is affected by a vulnerability in Node.js Request package (CVE-2023-28155)	1 Aug 202316:26	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to a server-side request forgery due to Node.js Request module (CVE-2023-28155).	30 Jun 202314:12	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Node.js request affects IBM Cloud Pak System[CVE-2023-28155]	1 Aug 202413:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Edge Application Manager 4.5.2 addresses the security vulnerabilities listed in the CVEs below.	31 Aug 202316:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities	26 May 202314:13	–	ibm

Nvd

Node

request_project requestRange≤2.88.1node.js

Source	Link
security	www.security.netapp.com/advisory/ntap-20230413-0007/
github	www.github.com/request/request/issues/3442
github	www.github.com/request/request/pull/3444
doyensec	www.doyensec.com/resources/Doyensec_Advisory_RequestSSRF_Q12023.pdf

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Mar 2023 15:15Current

6.8Medium risk

Vulners AI Score6.8

CVSS36.1

EPSS0.00605

CWE-918