Lucene search
K

7 matches found

Snyk
Snyk
added 2025/09/17 8:43 p.m.2 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the gRPC API and HTTP APIs, which allow peers to send requests that cause the recipient to create files in arbitrary file system locations and read arbitrary files. An attacker can access sensitive data or execu...

10CVSS7.4AI score0.0068EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 7:27 p.m.1 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CreatePreheat process and peer-to-peer communication mechanisms. An attacker can access internal network resources by supplying crafted URLs to API endpoints or by leveraging peer requests,...

8.7CVSS6.7AI score0.00231EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 7:27 p.m.1 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CreatePreheat process and peer-to-peer communication mechanisms. An attacker can access internal network resources by supplying crafted URLs to API endpoints or by leveraging peer requests,...

8.7CVSS6.7AI score0.00231EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 7:27 p.m.1 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CreatePreheat process and peer-to-peer communication mechanisms. An attacker can access internal network resources by supplying crafted URLs to API endpoints or by leveraging peer requests,...

8.7CVSS6.7AI score0.00231EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 7:27 p.m.1 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CreatePreheat process and peer-to-peer communication mechanisms. An attacker can access internal network resources by supplying crafted URLs to API endpoints or by leveraging peer requests,...

8.7CVSS6.7AI score0.00231EPSS
Exploits0References2
OSV
OSV
added 2025/09/17 7:27 p.m.3 views

GHSA-G2RQ-JV54-WCPR Dragonfly vulnerable to server-side request forgery

Impact There are multiple server-side request forgery SSRF vulnerabilities in the DragonFly2 system. The vulnerabilities enable users to force DragonFly2’s components to make requests to internal services, which otherwise are not accessible to the users. One SSRF attack vector is exposed by the...

8.7CVSS6.8AI score0.00231EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/04/11 12:0 a.m.2 views

Libreswan 安全漏洞

Libreswan is an IPsec implementation similar to Openswan, which is primarily used to ensure security and integrity issues in data transmission. A security vulnerability exists in Libreswan that stems from the default proposal handler of libreswan asserting failure and crashing and restarting when...

6.5CVSS6.4AI score0.008EPSS
Exploits0References3
Rows per page
Query Builder