CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/04/16 4:11 a.m.•17 views

CVE-2025-29720

Dify v1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component controllers.console.remotefiles.RemoteFileUploadApi...

4.8CVSS7.5AI score0.00141EPSS

Exploits1References1

NVD•added 2025/04/14 5:15 p.m.•16 views

CVE-2025-29720

Dify v1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component controllers.console.remotefiles.RemoteFileUploadApi...

4.8CVSS0.00141EPSS

Exploits1References2

OSV•added 2025/04/14 5:15 p.m.•4 views

CVE-2025-29720

Dify v1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component controllers.console.remotefiles.RemoteFileUploadApi...

4.8CVSS7.6AI score

Exploits0References2

CVE•added 2025/04/14 12:0 a.m.•82 views

CVE-2025-29720

CVE-2025-29720 describes a Server-Side Request Forgery (SSRF) in Dify via controllers.console.remote_files.RemoteFileUploadApi affecting Dify v1.0 (and references to v1.6.0 in related advisories). The underlying issue is a component exposure that can be triggered locally with user interaction req...

4.8CVSS7.5AI score0.00141EPSS

In wildExploits1References2Affected Software1