Lucene search
+L

4 matches found

vulnersOsv
vulnersOsv
added 2023/10/19 9:30 a.m.4 views

org.apache.shenyu:shenyu-admin-dist (>=2.4.0 <=2.4.3) potentially affected by CVE-2023-25753 via org.apache.shenyu:shenyu-admin (>=2.4.0 <=2.4.3)

org.apache.shenyu:shenyu-admin MAVEN version =2.4.0, =2.4.0, =2.4.3 Source cves: CVE-2023-25753 Source advisory: OSV:GHSA-7W8V-5FCQ-PVQW...

6.5CVSS6.5AI score0.00838EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/10/19 9:30 a.m.6 views

com.gitee.pulanos.pangu:pangu-gateway-spring-boot-starter (>=5.0.7 <=5.1.0), io.github.shuigedeng:taotao-cloud-starter-actuator (=2023.08) +330 more potentially affected by CVE-2023-25753 via org.apache.shenyu:shenyu-common (>=2.4.0 <=2.5.1)

org.apache.shenyu:shenyu-common MAVEN version =2.4.0, =5.0.7, =2022.09, =2023.2.01, =2022.11, =2022.11, =2022.11, =2022.09, =2023.02, =2022.11, =2022.11, =2023.04, =2022.11, =2022.11, =2022.09, =2022.10 and more Source cves: CVE-2023-25753 Source a...

6.5CVSS6.5AI score0.00838EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/10/19 8:35 a.m.13 views

CVE-2023-25753 Server-Side Request Forgery in Apache ShenYu

There exists an SSRF Server-Side Request Forgery vulnerability located at the /sandbox/proxyGateway endpoint. This vulnerability allows us to manipulate arbitrary requests and retrieve corresponding responses by inputting any URL into the requestUrl parameter. Of particular concern is our ability...

6.9AI score0.00838EPSS
Exploits0References1
CVE
CVE
added 2023/10/19 8:35 a.m.75 views

CVE-2023-25753

CVE-2023-25753 affects Apache ShenYu 2.5.1. The vulnerability is a Server-Side Request Forgery (SSRF) at the /sandbox/proxyGateway endpoint, allowing an attacker to inject arbitrary URLs via the requestUrl parameter and manipulate the resulting HTTP request. The issue enables control over the HTT...

6.5CVSS6.4AI score0.00838EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder