Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:58 a.m.5 views

CVE-2023-47116

Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the SSRFPROTECTIONENABLED environment variable can be bypassed to access...

5.3CVSS6.6AI score0.00737EPSS
Exploits1References1
NVD
NVD
added 2024/01/31 5:15 p.m.42 views

CVE-2023-47116

Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the SSRFPROTECTIONENABLED environment variable can be bypassed to access...

5.3CVSS5.2AI score0.00737EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/01/31 4:21 p.m.53 views

CVE-2023-47116 Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections

Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the SSRFPROTECTIONENABLED environment variable can be bypassed to access...

5.3CVSS5.4AI score0.00737EPSS
Exploits1References3
CVE
CVE
added 2024/01/31 4:21 p.m.50 views

CVE-2023-47116

Summary: CVE-2023-47116 affects Label Studio versions before 1.11.0 (tested on 1.8.2). The SSRF protection that is enabled via SSRF_PROTECTION_ENABLED can be bypassed because SSRF validation only checks a single DNS lookup before the request, and does not validate the final destination IP, allowi...

5.3CVSS5.1AI score0.00737EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/31 4:21 p.m.2 views

CVE-2023-47116 Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections

Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the SSRFPROTECTIONENABLED environment variable can be bypassed to access...

5.3CVSS7AI score0.00737EPSS
Exploits1References3
Circl
Circl
added 2024/01/30 11:7 p.m.6 views

CVE-2023-47116

creationtimestamp| type| source ---|---|--- 2024-01-30 23:07:22+00:00| published-proof-of-concept| https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r 2024-02-09 19:17:13+00:00| seen| https://t.me/ctinow/182203...

5.3CVSS6AI score0.00737EPSS
Exploits1References2
Rows per page
Query Builder