Lucene search
K

15 matches found

Snyk
Snyk
added 2025/10/09 7:42 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF when processing user-supplied URLs. An attacker can cause the server to send unauthorized requests to arbitrary internal or external services by submitting crafted URLs. Workaround This vulnerability can...

8.8CVSS7AI score0.0022EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/09 7:42 p.m.1 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF when processing user-supplied URLs. An attacker can cause the server to send unauthorized requests to arbitrary internal or external services by submitting crafted URLs. Workaround This vulnerability can...

8.8CVSS7AI score0.0022EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/09 7:42 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF when processing user-supplied URLs. An attacker can cause the server to send unauthorized requests to arbitrary internal or external services by submitting crafted URLs. Workaround This vulnerability can...

8.8CVSS6.7AI score0.0022EPSS
Exploits0References2
OSV
OSV
added 2025/10/09 6:58 p.m.5 views

CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...

8.5CVSS6.7AI score0.0022EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/09 6:58 p.m.3 views

CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...

8.5CVSS6.3AI score0.0022EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-1266

Malware in sbrugna...

6.8CVSS5.7AI score0.00799EPSS
Exploits0References6
OSV
OSV
added 2021/06/08 11:5 p.m.14 views

GHSA-57V4-M9JX-MH8R Improper Input Validation

A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service...

5.6CVSS5.4AI score0.00799EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2021/06/08 11:5 p.m.36 views

Improper Input Validation

A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service...

6.8CVSS5.5AI score0.00799EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2021/06/02 4:15 p.m.25 views

CVE-2021-3499

A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service...

6.8CVSS0.00799EPSS
Exploits0References1
OSV
OSV
added 2021/06/02 4:15 p.m.20 views

CVE-2021-3499

A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service...

5.6CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2021/06/02 4:15 p.m.16 views

Design/Logic Flaw

A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service...

6.8CVSS5.4AI score0.00799EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/02 3:48 p.m.33 views

CVE-2021-3499

A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service...

5.7AI score0.00799EPSS
Exploits0References1
CVE
CVE
added 2021/06/02 3:48 p.m.93 views

CVE-2021-3499

OVN Kubernetes vulnerability CVE-2021-3499 affects versions up to 0.3.0. The issue is in the Egress Firewall: it does not reliably apply firewall rules when multiple DNS rules are present, potentially impacting confidentiality, integrity, or availability of a service. The connected documents cons...

6.8CVSS5.4AI score0.00799EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2021/04/14 7:43 p.m.32 views

CVE-2021-3499

A vulnerability was found in OVN Kubernetes where the Egress Firewall does not reliably apply firewall rules when there is multiple dns rules. It could lead to potentially lose of confidentiality, integrity or availability of a service...

6.8CVSS2.6AI score0.00799EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/04/14 12:0 a.m.4 views

OVN Kubernetes 安全漏洞

Kubernetes K8s is an open source system from the Cloud Native Computing Foundation for automating the deployment, scaling, and management of containerized applications. A security vulnerability exists in OVN Kubernetes version 0.3.0 and prior versions, which stems from an egress firewall's...

6.8CVSS5.9AI score0.00799EPSS
Exploits0References5
Rows per page
Query Builder