6 matches found
CVE-2026-42592
Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when i...
EUVD-2026-19682
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services AWS IMDSv1, cloud metadata, internal APIs by creating a link with a publ...
CVE-1999-0529
A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc...
PT-2025-14083 · Apache · Apache Answer
Name of the Vulnerable Software and Affected Versions: Apache Answer versions through 1.4.2 Apache Answer versions prior to 1.4.5 Description: This issue affects users who use externally referenced images. When a user accesses such an image, the provider of the image may obtain private informatio...
PT-2022-15512 · Sap · S/4Hana
Name of the Vulnerable Software and Affected Versions: S/4HANA affected versions not specified Description: The issue concerns the exposure of private address and bank details of an Employee Business Partner with Supplier Role through the S/4HANA Supplier Factsheet, as well as the exposure of...
CVE-2018-13365
An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page...