4 matches found
CVE-2021-43780
Redash is a package for data visualization and sharing. In versions 10.0 and priorm the implementation of URL-loading data sources like JSON, CSV, or Excel is vulnerable to advanced methods of Server Side Request Forgery SSRF. These vulnerabilities are only exploitable on installations where a...
CVE-2021-43780
Redash is a package for data visualization and sharing. In versions 10.0 and priorm the implementation of URL-loading data sources like JSON, CSV, or Excel is vulnerable to advanced methods of Server Side Request Forgery SSRF. These vulnerabilities are only exploitable on installations where a...
CVE-2021-43780 Server-Side Request Forgery (SSRF) in Redash
Redash is a package for data visualization and sharing. In versions 10.0 and priorm the implementation of URL-loading data sources like JSON, CSV, or Excel is vulnerable to advanced methods of Server Side Request Forgery SSRF. These vulnerabilities are only exploitable on installations where a...
CVE-2021-43780
CVE-2021-43780 affects Redash: versions 10.0 and prior with URL-loading data sources (JSON, CSV, Excel) enabled, allowing server-side request forgery (SSRF). The root cause is unsafe URL-loading data sources; impact is exposure via SSRF to potentially internal resources. The recommended fix is up...