Lucene search
+L

31 matches found

NVD
NVD
added 2024/07/26 5:15 p.m.15 views

CVE-2024-41813

txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery SSRF vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy ...

7.5CVSS0.00693EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/07/26 4:51 p.m.23 views

CVE-2024-41813 txtdot SSRF vulnerability in /proxy

txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery SSRF vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy ...

7.5CVSS0.00693EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/07/26 4:51 p.m.18 views

CVE-2024-41813 txtdot SSRF vulnerability in /proxy

txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery SSRF vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy ...

7.5CVSS6.9AI score0.00693EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/07/26 12:0 a.m.12 views

PT-2024-29580 · Txtdot · Txtdot

Name of the Vulnerable Software and Affected Versions: txtdot versions 1.4.0 through 1.6.0 Description: A Server-Side Request Forgery SSRF issue exists in the /proxy route, allowing remote attackers to send HTTP GET requests to arbitrary targets and retrieve internal network information...

7.5CVSS7.6AI score0.00693EPSS
Exploits1References6
Veracode
Veracode
added 2024/03/29 8:23 a.m.29 views

Server Side Request Forgery (SSRF)

gradio is vulnerable to Server Side Request Forgery SSRF. The vulnerability is due to the /proxy route allowing users to proxy arbitrary URLs include potentially internal endpoints. Attackers can proxy arbitrary URLs by exploiting this vulnerability...

7.3CVSS6.9AI score0.00421EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2024/03/27 3:31 a.m.33 views

gradio Server-Side Request Forgery vulnerability

An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the /proxy route. Attackers can exploit this vulnerability by manipulating the self.replicaurls set through the X-Direct-Url header in requests to the / and /config routes, allowing the...

7.3CVSS7.1AI score0.00421EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/26 12:0 a.m.5 views

PT-2024-19175

Name of the Vulnerable Software and Affected Versions gradio-app/gradio affected versions not specified Description A vulnerability exists due to insufficient validation of user-supplied URLs in the "/proxy" route. Attackers can exploit this by manipulating the self.replica urls set through the...

7.3CVSS7.2AI score0.00421EPSS
Exploits1References13
OSV
OSV
added 2022/04/14 4:15 p.m.5 views

CVE-2022-22197

An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service DoS. This issue occurs when...

7.5CVSS5.8AI score0.01072EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/21 12:0 a.m.18 views

Siren Investigate Cross-Site Request Forgery Vulnerability

Siren Investigate is a front-end to the Siren platform from Siren Ireland, allowing the creation of dashboards, charts, link analysis, alerts, etc. A cross-site request forgery vulnerability exists in versions of Siren Investigate prior to 11.1.1, which can be exploited by an attacker to specify...

8.1CVSS3.1AI score0.00724EPSS
Exploits0References1
OSV
OSV
added 2021/07/19 1:15 p.m.4 views

CVE-2021-31216

Siren Investigate before 11.1.1 contains a server side request forgery SSRF defect in the built-in image proxy route which is enabled by default. An attacker with access to the Investigate installation can specify an arbitrary URL in the parameters of the image proxy route and fetch external URLs...

8.1CVSS5.9AI score0.00724EPSS
Exploits0References2
Prion
Prion
added 2021/07/19 1:15 p.m.22 views

Server side request forgery (ssrf)

Siren Investigate before 11.1.1 contains a server side request forgery SSRF defect in the built-in image proxy route which is enabled by default. An attacker with access to the Investigate installation can specify an arbitrary URL in the parameters of the image proxy route and fetch external URLs...

5.5CVSS8AI score0.00724EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder