GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.21 of GitHub Enterprise Server, there was a security...

Server-side Request Forgery (SSRF)

Overview org.webjars.npm:pdfmake is a Client/server side PDF printing in pure JavaScript Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the URLResolver component. An attacker can obtain sensitive information by making crafted requests to internal or...

EUVD-2026-10757

Server-Side Request Forgery SSRF vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...

GHSA-WP52-R2FP-4VMR pdfmake is vulnerable to server-side request forgery (SSRF)

Server-Side Request Forgery SSRF vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...

Server-side Request Forgery (SSRF)

Overview pdfmake is a Client/server side PDF printing in pure JavaScript Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the URLResolver component. An attacker can obtain sensitive information by making crafted requests to internal or external resources...

CVE-2026-26801

Server-Side Request Forgery SSRF vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...

CVE-2026-26801

CVE-2026-26801 describes a Server-Side Request Forgery (SSRF) in pdfmake versions 0.3.0-beta.2 through 0.3.5, exploitable via the src/URLResolver.js component. The underlying issue is that server-side requests could access arbitrary URLs. The fix is in version 0.3.6, which introduces setUrlAccess...

PT-2026-24364

Name of the Vulnerable Software and Affected Versions pdfmake versions 0.3.0-beta.2 through 0.3.5 Description A Server-Side Request Forgery SSRF issue exists in the src/URLResolver.js component of pdfmake. This allows a remote attacker to potentially obtain sensitive information. The issue was...

CVE-2026-26801

Server-Side Request Forgery SSRF vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...

pdfmake 安全漏洞

pdfmake is a pure JavaScript server-side and client-side PDF document generation library developed by Bartek Pampuch. There were security vulnerabilities in the version 0.3.0-beta.2 to 0.3.5 of pdfmake, which stemmed from the src/URLResolver.js component’s server-side request forgery vulnerabilit...

EUVD-2014-0007

Malware in sbrugna...

PYSEC-2014-4

The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // slash slash in a URL, which triggers a scheme-relative URL...

DEBIAN-CVE-2014-0472

The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path."...