CVE Daily
← All tags

Tag: Server-Side Request Forgery (SSRF)

All CVEs associated with "Server-Side Request Forgery (SSRF)". Page 23/23 • 2666 CVEs.

Subscribe CVEs: RSS for “Server-Side Request Forgery (SSRF)”  ·  RSS (High+Critical only)

About “Server-Side Request Forgery (SSRF)”

A curated feed of “Server-Side Request Forgery (SSRF)”-related CVEs appears below. We currently track 2666 CVEs for this tag (all time). In the last 365 days, 961 were published. Average CVSS is 6.9 (all time; 6.6 over 365d), and 49% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-918 - Server-Side Request Forgery (SSRF), CWE-611 - Improper Restriction of XML External Entity Reference, CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal').

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2007-11-15
Medium

CVE-2007-4694

Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs.

CVSS: 4.3 CWE: CWE-264 View on NVD
2007-11-13
Medium

CVE-2007-5934

The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote attackers to use MDB2…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2007-11-08
High

CVE-2007-5896

Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (…

CVSS: 7.1 CWE: CWE-399 View on NVD
2007-07-03
High

CVE-2007-3514

Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrit…

CVSS: 8.5 CWE: N/A View on NVD
2007-06-20
Medium

CVE-2007-3285

Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extensio…

CVSS: 6.8 CWE: CWE-264 View on NVD
2007-04-11
Low

CVE-2007-1947

Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone re…

CVSS: 3.5 CWE: N/A View on NVD
2007-04-06
Medium

CVE-2007-1878

Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox allows remote attackers to bypass zone re…

CVSS: 6.8 CWE: N/A View on NVD
2007-03-02
Medium

CVE-2007-1199

Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with <</URI(file:///C:/)/S/URI>>, a different issue than CVE-2007-00…

CVSS: 4.3 CWE: N/A View on NVD
2007-02-07
Medium

CVE-2007-0800

Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary…

CVSS: 4.3 CWE: N/A View on NVD
2006-06-23
Medium

CVE-2006-3200

Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash) via an IFRAME with a src tag containing a "File://" URI followed by an 8-bit character. NOTE: so…

CVSS: 5.0 CWE: N/A View on NVD
2006-05-29
Low

CVE-2006-2563

The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters.

CVSS: 2.1 CWE: N/A View on NVD
2006-04-20
Medium

CVE-2006-1942

Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an…

CVSS: 5.1 CWE: N/A View on NVD
2006-02-04
High

CVE-2006-0544

urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND elemen…

CVSS: 7.5 CWE: N/A View on NVD
2005-08-04
Medium

CVE-2005-2455

Greasemonkey before 0.3.5 allows remote web servers to (1) read arbitrary files via a GET request to a file:// URL in the GM_xmlhttpRequest API function, (2) list installed scripts using GM_scripts,…

CVSS: 5.0 CWE: N/A View on NVD
2005-05-02
Medium

CVE-2005-0976

AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript componen…

CVSS: 5.0 CWE: N/A View on NVD
2004-12-31
Low

CVE-2004-1795

Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI.

CVSS: 2.1 CWE: N/A View on NVD
2004-07-27
Critical

CVE-2004-2061

RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, o…

CVSS: 9.8 CWE: CWE-918 - Server-Side Request Forgery (SSRF) View on NVD
2004-07-24
Medium

CVE-2004-2051

The Phoenix browser in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allows local users to read arbitrary files via a file:/// URL.

CVSS: 5.0 CWE: N/A View on NVD
2004-07-07
Medium

CVE-2004-0474

Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report…

CVSS: 5.1 CWE: N/A View on NVD
2003-08-27
High

CVE-2003-0604

Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute…

CVSS: 7.5 CWE: N/A View on NVD
2003-06-09
High

CVE-2003-0309

Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other r…

CVSS: 7.5 CWE: N/A View on NVD
2003-04-22
Medium

CVE-2002-1467

Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3)…

CVSS: 5.0 CWE: N/A View on NVD
2002-12-31
Medium

CVE-2002-1770

Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing…

CVSS: 5.0 CWE: N/A View on NVD
2002-11-29
Medium

CVE-2002-1291

The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null…

CVSS: 5.0 CWE: N/A View on NVD
2002-07-03
High

CVE-2002-0371

Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redir…

CVSS: 7.5 CWE: N/A View on NVD
2002-04-22
High

CVE-2002-0152

Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large n…

CVSS: 7.5 CWE: N/A View on NVD