Arbitrary File Upload

httparty is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper request validation which allows an attacker to manipulate requests and access internal services or expose sensitive data such as API keys...

Server-Side Request Forgery (SSRF)

httparty is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper validation of user-supplied URLs, which allows an attacker to force the application to send unauthorized requests to internal servers and potentially leak sensitive information such as API keys...

CVE-2025-68696

A flaw was found in httparty, an API tool. This Server-Side Request Forgery SSRF vulnerability allows an attacker to trick the server into making requests to internal resources or other external domains on their behalf. This can lead to the disclosure of sensitive information, such as API keys, a...

Linux Distros Unpatched Vulnerability : CVE-2025-68696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow thi...

CVE-2025-68696

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...

DEBIAN-CVE-2025-68696

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...

UBUNTU-CVE-2025-68696

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...

CVE-2025-68696 httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...

CVE-2025-68696 httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...

CVE-2025-68696

CVE-2025-68696 affects the httparty gem (versions ≤ 0.23.2). The vulnerability is SSRF that can lead to leakage of API keys and allow third parties to issue requests to internal servers. Details across connected sources confirm the affected component (httparty), the root cause (SSRF in SSRF-prone...

CVE-2025-68696 httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...

CVE-2025-68696

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...

EUVD-2025-204848

httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage...

GHSA-HM5P-X4RQ-38W4 httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage

Summary There may be an SSRF vulnerability in httparty. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. Details When httparty receives a path argument that is an absolute URL, it ignores the baseuri field. As a result, if ...

PT-2025-52864

Name of the Vulnerable Software and Affected Versions httparty versions prior to 0.23.2 Description httparty is susceptible to a Server-Side Request Forgery SSRF condition in versions 0.23.2 and earlier. This issue could lead to the disclosure of API keys and enable unauthorized requests to...

httparty 代码问题漏洞

httparty is a library from the individual developer John Nunemaker. A code issue vulnerability exists in httparty version 0.23.2 and earlier, which stems from the presence of a server-side request forgery vulnerability that could lead to API key disclosure or requests to an internal server...

httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage

Summary There may be an SSRF vulnerability in httparty. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. Details When httparty receives a path argument that is an absolute URL, it ignores the baseuri field. As a result, if ...

EUVD-2017-0272

Malware in sbrugna...

EUVD-2023-0342

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-22049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - httparty before 0.21.0 is vulnerable to an assumed-immutable web parameter vulnerability. A remote and unauthenticated attacker can provide a crafted filename...