20 matches found

RedhatCVE
added 2026/05/13 8:23 p.m. · 6 views

CVE-2026-42175

requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary...

6.5 CVSS · 5.9 AI score · 0.00013 EPSS
Exploits 0 · References 1

NVD
added 2026/05/12 6:17 p.m. · 8 views

CVE-2026-42175

requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary...

6.5 CVSS · 0.00013 EPSS
Exploits 0 · References 4

Vulnrichment
added 2026/05/12 5:52 p.m. · 4 views

CVE-2026-42175 requests-hardened: Server-Side Request Forgery (SSRF) in requests-hardened RFC 6598

requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary...

6.5 CVSS · 5.9 AI score · 0.00013 EPSS
Exploits 0 · References 4

CVE
added 2026/05/12 5:52 p.m. · 4 views

CVE-2026-42175

The CVE-2026-42175 entry concerns the requests-hardened library, whose SSRF protection failed to block addresses in RFC 6598 (100.64.0.0/10). Affected behavior: an attacker able to supply arbitrary URLs could reach internal services within 100.64.0.0/10 in environments using that CIDR (e.g., AWS ...

6.5 CVSS · 5.9 AI score · 0.00013 EPSS
Exploits 0 · References 4

Cvelist
added 2026/05/12 5:52 p.m. · 25 views

CVE-2026-42175 requests-hardened: Server-Side Request Forgery (SSRF) in requests-hardened RFC 6598

requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary...

6.5 CVSS · 0.00013 EPSS
Exploits 0 · References 4

OSV
added 2026/05/05 7:52 p.m. · 4 views

GHSA-VH75-FWV3-PQRH requests-hardened is Vulnerable to Server-Side Request Forgery

The SSRF protection in requests-hardened prior to version 1.2.1 fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary URLs to requests-hardened could exploit this gap to access internal services hosted within 100.64.0.0/10. This i...

6.5 CVSS · 5.9 AI score · 0.00013 EPSS
Exploits 0 · References 6

Github Security Blog
added 2026/05/05 7:52 p.m. · 5 views

requests-hardened is Vulnerable to Server-Side Request Forgery

The SSRF protection in requests-hardened prior to version 1.2.1 fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary URLs to requests-hardened could exploit this gap to access internal services hosted within 100.64.0.0/10. This i...

6.5 CVSS · 5.9 AI score · 0.00013 EPSS
Exploits 0 · References 6 · Affected Software 1

Positive Technologies
added 2026/05/05 12:0 a.m. · 5 views

PT-2026-37250

Name of the Vulnerable Software and Affected Versions: requests-hardened versions prior to 1.2.1. Description: The Server-Side Request Forgery (SSRF) protection fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker capable of supplying arbitrary URLs can explo...

6.5 CVSS · 5.9 AI score · 0.00013 EPSS
Exploits 0 · References 7

RedhatCVE
added 2026/01/09 10:45 a.m. · 6 views

CVE-2022-0249

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...

9.1 CVSS · 6.4 AI score · 0.00233 EPSS
Exploits 1 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-15441

Malicious code in bioql PyPI...

9.1 CVSS · 9 AI score · 0.00233 EPSS
Exploits 1 · References 3

OSV
added 2024/03/06 11:16 a.m. · 16 views

BIT-GITLAB-2022-0249

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...

9.1 CVSS · 8.9 AI score · 0.00233 EPSS
Exploits 1 · References 4

ATTACKERKB
added 2022/03/28 7:15 p.m. · 3 views

CVE-2022-0249

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...

9.1 CVSS · 7.7 AI score · 0.00233 EPSS
Exploits 1 · References 4 · Affected Software 1

NVD
added 2022/03/28 7:15 p.m. · 13 views

CVE-2022-0249

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...

9.1 CVSS · 0.00233 EPSS
Exploits 1 · References 3

OSV
added 2022/03/28 7:15 p.m. · 1 views

UBUNTU-CVE-2022-0249

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...

9.1 CVSS · 5.8 AI score · 0.00233 EPSS
Exploits 1 · References 5

Prion
added 2022/03/28 7:15 p.m. · 16 views

Server side request forgery (ssrf)

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...

6.4 CVSS · 8.9 AI score · 0.00233 EPSS
Exploits 1 · References 3 · Affected Software 1

UbuntuCve
added 2022/03/28 7:15 p.m. · 34 views

CVE-2022-0249

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...

9.1 CVSS · 7.2 AI score · 0.00233 EPSS
Exploits 1 · References 4

Debian CVE
added 2022/03/28 6:53 p.m. · 43 views

CVE-2022-0249

Removed by vendor...

9.1 CVSS · 7.3 AI score · 0.00233 EPSS
Exploits 1

Cvelist
added 2022/03/28 6:53 p.m. · 12 views

CVE-2022-0249

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...

3.1 CVSS · 9.2 AI score · 0.00233 EPSS
Exploits 1 · References 3

OSV
added 2022/03/28 6:53 p.m. · 14 views

CVE-2022-0249

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...

3.1 CVSS · 6.3 AI score · 0.00233 EPSS
Exploits 1 · References 5

Positive Technologies
added 2022/03/28 12:0 a.m. · 1 views

PT-2022-13067 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 12.0 and later Description: A blind SSRF attack was possible due to unblocked requests to shared address space. Recommendations: For GitLab versions 12.0 and later, update to a version that includes a fix for this issue. At th...

9.1 CVSS · 8.9 AI score · 0.00233 EPSS
Exploits 1 · References 10