Vulners
Lucene search
2 matches found
CVE-2022-1722
SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses...
7.5CVSS5.8AI score0.00159EPSS
Exploits1References3
PT-2022-14073 · Drawio · Drawio
Name of the Vulnerable Software and Affected Versions: drawio versions prior to 18.0.5 Description: The issue is related to a Server-Side Request Forgery SSRF in the editor's proxy via an IPv6 link-local address. This allows for SSRF to internal link-local IPv6 addresses. Recommendations: For...
7.5CVSS5.4AI score0.00159EPSS
Exploits1References6
20