Lucene search
+L

4 matches found

NVD
NVD
added 2021/11/24 4:15 p.m.51 views

CVE-2021-43780

Redash is a package for data visualization and sharing. In versions 10.0 and priorm the implementation of URL-loading data sources like JSON, CSV, or Excel is vulnerable to advanced methods of Server Side Request Forgery SSRF. These vulnerabilities are only exploitable on installations where a...

8.8CVSS0.01005EPSS
Exploits0References2
OSV
OSV
added 2021/11/24 4:15 p.m.15 views

CVE-2021-43780

Redash is a package for data visualization and sharing. In versions 10.0 and priorm the implementation of URL-loading data sources like JSON, CSV, or Excel is vulnerable to advanced methods of Server Side Request Forgery SSRF. These vulnerabilities are only exploitable on installations where a...

8.8CVSS7.1AI score
Exploits0References2
Cvelist
Cvelist
added 2021/11/23 11:55 p.m.56 views

CVE-2021-43780 Server-Side Request Forgery (SSRF) in Redash

Redash is a package for data visualization and sharing. In versions 10.0 and priorm the implementation of URL-loading data sources like JSON, CSV, or Excel is vulnerable to advanced methods of Server Side Request Forgery SSRF. These vulnerabilities are only exploitable on installations where a...

6.8CVSS9.2AI score0.01005EPSS
Exploits0References2
CVE
CVE
added 2021/11/23 11:55 p.m.48 views

CVE-2021-43780

CVE-2021-43780 affects Redash: versions 10.0 and prior with URL-loading data sources (JSON, CSV, Excel) enabled, allowing server-side request forgery (SSRF). The root cause is unsafe URL-loading data sources; impact is exposure via SSRF to potentially internal resources. The recommended fix is up...

8.8CVSS8.1AI score0.01005EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder