4 matches found
CVE-2026-44285
FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery SSRF vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by...
CVE-2026-44285
FastGPT is affected by an SSRF flaw in the dataset preview API. Before 4.15.0-beta1, an authenticated attacker could bypass isInternalAddress protection and reach internal services by abusing /api/core/dataset/file/getPreviewChunks with the externalFile data import type. The issue is resolved in ...
Disable the Source Packet Routing
In a network, source routing allows the sender to specify some or all routes for data packets to pass through the network. In regular routing, routers in the network determine the path based on the destination of the data packets. If a large number of packets are tampered with and pass through th...
CVE-2021-22214
GitLab CE/EE 10.5+ is affected by a server-side request forgery when requests to the internal network for webhooks are enabled. The SSRF can be exploited by an unauthenticated attacker on instances with limited registration. The issue spans multiple CVEs and has been addressed in patches across s...