2 matches found
Arbitrary File Upload
httparty is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper request validation which allows an attacker to manipulate requests and access internal services or expose sensitive data such as API keys...
GHSA-HM5P-X4RQ-38W4 httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage
Summary There may be an SSRF vulnerability in httparty. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. Details When httparty receives a path argument that is an absolute URL, it ignores the baseuri field. As a result, if ...