Lucene search
PRIOn knowledge basePRION:CVE-2022-39383HistoryNov 16, 2022 - 8:15 p.m.
Server side request forgery (ssrf)
2022-11-1620:15:00
PRIOn knowledge base
www.prio-n.com
1
kubevela
ssrf
apiserver
helm chart
vulnerability
update
nvd
0.001 Low
EPSS
Percentile
27.2%
KubeVela is an open source application delivery platform. Users using the VelaUX APIServer could be affected by this vulnerability. When using Helm Chart as the component delivery method, the request address of the warehouse is not restricted, and there is a blind SSRF vulnerability. Users who’re using v1.6, please update the v1.6.1. Users who’re using v1.5, please update the v1.5.8. There are no known workarounds for this issue.
Related
cvelist
cvelist
CVE-2022-39383 SSRF vulnerability in KubeVela VelaUX APIServer
2022-11-16 00:00:00
github
github
KubeVela VelaUX APIserver has SSRF vulnerability
2022-11-18 17:14:39
cve
cve
CVE-2022-39383
2022-11-16 20:15:10
osv
osv
KubeVela VelaUX APIserver has SSRF vulnerability
2022-11-18 17:14:39
Server-side request forgery in github.com/oam-dev/kubevela
2022-12-07 18:45:56
CVE-2022-39383
2022-11-16 20:15:10
nvd
nvd
CVE-2022-39383
2022-11-16 20:15:10
veracode
veracode
Server-Side Request Forgery (SSRF)
2022-11-17 05:55:53