CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2025/05/22 11:8 p.m.•4 views

CVE-2022-36663

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.8CVSS7AI score0.16385EPSS

Exploits2References1

OSV•added 2022/09/07 12:1 a.m.•16 views

GHSA-HC94-9V26-GXWV Gluu Oxauth before v4.4.1 vulnerable to Server-Side Request Forgery attacks via a crafted request_uri parameter

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.8CVSS9.3AI score0.16385EPSS

Exploits2References5

Github Security Blog•added 2022/09/07 12:1 a.m.•27 views

Gluu Oxauth before v4.4.1 vulnerable to Server-Side Request Forgery attacks via a crafted request_uri parameter

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.8CVSS9AI score0.16385EPSS

Exploits2References5Affected Software1

NVD•added 2022/09/06 9:15 p.m.•15 views

CVE-2022-36663

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.8CVSS0.16385EPSS

Exploits2References2

OSV•added 2022/09/06 9:15 p.m.•14 views

CVE-2022-36663

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.8CVSS9.3AI score

Exploits0References2

ATTACKERKB•added 2022/09/06 9:15 p.m.•2 views

CVE-2022-36663

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.8CVSS7.4AI score0.16385EPSS

Exploits2References3

Prion•added 2022/09/06 9:15 p.m.•12 views

Server side request forgery (ssrf)

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

7.5CVSS9.3AI score0.16385EPSS

Exploits2References2Affected Software1

CVE•added 2022/09/06 8:44 p.m.•67 views

CVE-2022-36663

Gluu OxAuth up to version 4.4.1 is affected by a blind SSRF due to a crafted request_uri parameter in /oxauth/restv1/authorize. The CVE-2022-36663 entry has a high-impact score (9.8) with network, no auth, and no user interaction required; the vulnerability can enable an attacker to induce outbou...

9.8CVSS9.2AI score0.16385EPSS

Exploits2References2Affected Software1

Cvelist•added 2022/09/06 8:44 p.m.•16 views

CVE-2022-36663

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.6AI score0.16385EPSS

Exploits2References2

EUVD•added 2022/09/06 8:44 p.m.•4 views

EUVD-2022-6838

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.8CVSS9.2AI score0.16385EPSS

Exploits2References6

Positive Technologies•added 2022/09/06 12:0 a.m.•2 views

PT-2022-23534 · Gluu · Gluu Oxauth

Name of the Vulnerable Software and Affected Versions: Gluu Oxauth versions prior to 4.4.1 Description: The issue allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted request uri parameter. This enables attackers to forge requests from the server, potentially...

9.8CVSS9.1AI score0.16385EPSS

Exploits2References9

CNNVD•added 2022/09/06 12:0 a.m.•2 views

Gluu 代码问题漏洞

Gluu is a cloud-hosted identity platform from the US-based Gluu organization. A security vulnerability exists in Gluu Oxauth versions prior to v4.4.1, which can be exploited by an attacker to perform a server-side request forgery SSRF attack via a crafted requesturi parameter...

9.8CVSS8.2AI score0.16385EPSS

Exploits2References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by