Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.10 views

CVE-2026-42175

requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary...

6.5CVSS5.9AI score0.00305EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 6:17 p.m.16 views

CVE-2026-42175

requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary...

6.5CVSS0.00305EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/07 1:48 p.m.14 views

EUVD-2026-28383

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...

4.3CVSS5.7AI score0.00204EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/05 7:52 p.m.9 views

requests-hardened is Vulnerable to Server-Side Request Forgery

The SSRF protection in requests-hardened prior to version 1.2.1 fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary URLs to requests-hardened could exploit this gap to access internal services hosted within 100.64.0.0/10. This i...

6.5CVSS5.9AI score0.00305EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder