Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-FVX3-G627-PHM2
HistoryApr 18, 2019 - 2:27 p.m.

Server-Side Request Forgery (SSRF) in com.ctrip.framework.apollo:apollo

2019-04-1814:27:42
Google
osv.dev
22

EPSS

0.002

Percentile

60.7%

JSON

An SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port scan or raise a GET request via /system-info/health because the %23 substring is mishandled.

Related

osv 1
cvelist 1
nvd 1
github 1
cve 1
prion 1
osv
osv
CVE-2019-10686
2019-04-01 17:29:00
cvelist
cvelist
CVE-2019-10686
2019-04-01 16:21:00
nvd
nvd
CVE-2019-10686
2019-04-01 17:29:00
github
github
Server-Side Request Forgery (SSRF) in com.ctrip.framework.apollo:apollo
2019-04-18 14:27:42
cve
cve
CVE-2019-10686
2019-04-01 17:29:00
prion
prion
Server side request forgery (ssrf)
2019-04-01 17:29:00

EPSS

0.002

Percentile

60.7%

JSON
Related for OSV:GHSA-FVX3-G627-PHM2
osv1cvelist1nvd1github1cve1prion1