Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2022/05/20 11:20 p.m.31 views

CVE-2019-9187

ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs...

7.5CVSS4AI score0.01699EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/06/25 12:0 a.m.178 views

ikiwiki < 3.20170111.1, 3.2018x < 3.20190228 SSRF Vulnerability

ikiwiki is prone to a server-side request forgery SSRF vulnerability via the aggregate plugin. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS7.7AI score0.01699EPSS
Exploits0References1
OSV
OSV
added 2019/06/05 6:29 p.m.10 views

CVE-2019-9187

ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs...

7.5CVSS7.5AI score
Exploits0References3
OSV
OSV
added 2019/06/05 6:29 p.m.1 views

DEBIAN-CVE-2019-9187

ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs...

7.5CVSS6.8AI score0.01699EPSS
Exploits0References1
CVE
CVE
added 2019/06/05 5:55 p.m.91 views

CVE-2019-9187

ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 is vulnerable to SSRF via the aggregate plugin, with the ability to read local files via file: URIs. No patch/version remediation details are provided in the supplied documents.

7.5CVSS7.3AI score0.01699EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/03/19 12:0 a.m.29 views

Debian DLA-1716-1 : ikiwiki security update

The ikiwiki maintainers discovered that the aggregate plugin did not use LWPx::ParanoidAgent. On sites where the aggregate plugin is enabled, authorized wiki editors could tell ikiwiki to fetch potentially undesired URIs even if LWPx::ParanoidAgent was installed : local files via file: URIs other...

7.5CVSS7.3AI score0.01699EPSS
Exploits0References3
Debian
Debian
added 2019/03/18 6:59 a.m.129 views

[SECURITY] [DLA 1716-1] ikiwiki security update

Package : ikiwiki Version : 3.20141016.4+deb8u1 CVE ID : CVE-2019-9187 The ikiwiki maintainers discovered that the aggregate plugin did not use LWPx::ParanoidAgent. On sites where the aggregate plugin is enabled, authorized wiki editors could tell ikiwiki to fetch potentially undesired URIs even ...

7.5CVSS7.5AI score0.01699EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/03/18 12:0 a.m.109 views

Debian: Security Advisory (DLA-1716-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01699EPSS
Exploits0References3
Debian
Debian
added 2019/02/28 10:6 p.m.151 views

[SECURITY] [DSA 4399-1] ikiwiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4399-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 28, 2019 https://www.debian.org/security/faq -...

7.5CVSS7.6AI score0.01699EPSS
Exploits0
Rows per page
Query Builder