Lucene search
Veracode Vulnerability DatabaseVERACODE:38071HistoryNov 17, 2022 - 5:55 a.m.
Server-Side Request Forgery (SSRF)
2022-11-1705:55:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
ssrf vulnerability
github.com/kubevela/kubevela
server-side request forgery
ssrf bypass
crafted url
EPSS
0.001
Percentile
27.0%
github.com/kubevela/kubevela is vulnerable to server-side request forgery. The vulnerability is due to common.go because the request address in the warehouse is not properly restricted which allows an attacker to cause a SSRF bypass via a crafted url.
Related
github
github
KubeVela VelaUX APIserver has SSRF vulnerability
2022-11-18 17:14:39
osv
osv
CGA-g59r-x45f-r5f6
2024-06-06 12:27:22
KubeVela VelaUX APIserver has SSRF vulnerability
2022-11-18 17:14:39
Server-side request forgery in github.com/oam-dev/kubevela
2022-12-07 18:45:56
cvelist
cvelist
CVE-2022-39383 SSRF vulnerability in KubeVela VelaUX APIServer
2022-11-16 00:00:00
prion
prion
Server side request forgery (ssrf)
2022-11-16 20:15:00
cve
cve
CVE-2022-39383
2022-11-16 20:15:10
nvd
nvd
CVE-2022-39383
2022-11-16 20:15:10