4 matches found
CVE-2022-1722
SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses...
CVE-2022-1722
SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses...
CVE-2022-1722 SSRF in editor's proxy via IPv6 link-local address in jgraph/drawio
SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses...
CVE-2022-1722
CVE-2022-1722 describes an SSRF issue in the editor’s proxy of JGraph Draw.io (jgraph/drawio) prior to version 18.0.5. The vulnerability arises from failing to filter IPv6 link-local addresses, allowing SSRF requests to internal link-local IPv6 addresses (fe80::/10). Affected component is the edi...