Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 10:0 p.m.6 views

CVE-2022-24856

FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery SSRF when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server...

9.1CVSS6.8AI score0.1029EPSS
Exploits0References1
CVE
CVE
added 2022/05/17 3:25 p.m.108 views

CVE-2022-24856

Summary: CVE-2022-24856 affects FlyteConsole

9.1CVSS7.8AI score0.1029EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/05/17 3:25 p.m.35 views

CVE-2022-24856 Server-Side Request Forgery in FlyteConsole

FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery SSRF when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server...

9.1CVSS9.6AI score0.1029EPSS
Exploits0References4
OSV
OSV
added 2022/05/17 3:25 p.m.24 views

CVE-2022-24856 Server-Side Request Forgery in FlyteConsole

FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery SSRF when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server...

9.1CVSS7.6AI score0.1029EPSS
Exploits0References6
Hacker One
Hacker One
added 2022/04/14 3:58 a.m.56 views

Uber: Full read SSRF in flyte-poc-us-east4.uberinternal.com

Uber summary TBD. @shubs and I discovered an instance of Flyte Console on uberinternal.com. After auditing the open source code, we noticed an unauthenticated route for a “CORS proxy”. This was a classic server-side request forgery issue, allowing us to pass an arbitrary request to be performed b...

5CVSS0.7AI score0.1029EPSS
Exploits0
Rows per page
Query Builder