Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:31 p.m.6 views

CVE-2022-24969

bypass CVE-2021-25640 In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability...

6.1CVSS6.7AI score0.02073EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/06/10 12:0 a.m.7 views

cc.jweb:jweb-adai (>=1.0.2 <=1.0.6), cc.jweb:jweb-boot (>=1.0.2 <=1.0.5) +74 more potentially affected by CVE-2021-25640 +1 more via org.apache.dubbo:dubbo (>=2.7.0 <=2.7.14)

org.apache.dubbo:dubbo MAVEN version =2.7.0, =1.0.2, =1.0.2, =1.2.1, =1.28.0, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =0.0.1, =1.0.3, =1.0.3, =1.5.1, =2.0.1, =2.0.11 and more Source cves: CVE-2021-25640, CVE-2022-24969 Source advisory:...

6.1CVSS6.3AI score0.02073EPSS
Exploits0
CVE
CVE
added 2022/06/06 10:0 p.m.84 views

CVE-2022-24969

Apache Dubbo prior to versions 2.6.12 and 2.7.15 has a vulnerability where the parseURL method bypasses the white host check. The issue can enable open redirection or server-side request forgery (SSRF) as described in CVE-2022-24969 and related advisories. Affected component: parseURL handling in...

6.1CVSS6.1AI score0.02073EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/06 10:0 p.m.19 views

CVE-2022-24969 bypass of CVE-2021-25640

bypass CVE-2021-25640 In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability...

6.5AI score0.02073EPSS
Exploits0References1
Rows per page
Query Builder