Lucene search
+L

5 matches found

OSV
OSV
added 3 days ago4 views

CVE-2026-45568 zrok Python ProxyShare can be used as an SSRF proxy through absolute URL paths

zrok is software for sharing web services, files, and network resources. Prior to 2.0.3, zrok's Python SDK ProxyShare Flask proxy route accepts an absolute URL in the request path and passes it to urllib.parse.urljoin, allowing the requested path to replace the configured target host and causing...

9.9CVSS6.1AI score0.00356EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.16 views

PT-2026-41957

Name of the Vulnerable Software and Affected Versions zrok versions 0.4.47 through 1.1.11 Description The ProxyShare feature in the Python SDK is susceptible to Server-Side Request Forgery SSRF, a flaw where a server is tricked into making requests to an unintended destination. This occurs becaus...

9.9CVSS5.9AI score0.00356EPSS
Exploits0References11
NVD
NVD
added 2025/12/10 1:15 a.m.8 views

CVE-2025-67485

mad-proxy is a Python-based HTTP/HTTPS proxy server for detection and blocking of malicious web activity using custom security policies. Versions 0.3 and below allow attackers to bypass HTTP/HTTPS traffic interception rules, potentially exposing sensitive traffic. This issue does not have a fix a...

5.3CVSS0.00211EPSS
Exploits0References1
OSV
OSV
added 2025/12/10 12:8 a.m.7 views

CVE-2025-67485 HTTP/HTTPS Traffic Interception Bypass in mad-proxy

mad-proxy is a Python-based HTTP/HTTPS proxy server for detection and blocking of malicious web activity using custom security policies. Versions 0.3 and below allow attackers to bypass HTTP/HTTPS traffic interception rules, potentially exposing sensitive traffic. This issue does not have a fix a...

5.3CVSS6.7AI score0.00211EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.10 views

PT-2025-50296

Name of the Vulnerable Software and Affected Versions mad-proxy versions 0.3 and below Description mad-proxy is a Python-based HTTP/HTTPS proxy server designed for detecting and blocking malicious web activity through custom security policies. Versions 0.3 and below permit attackers to circumvent...

5.3CVSS6AI score0.00211EPSS
Exploits0References14
Rows per page
Query Builder