Vulnerabilities in amir20
4 resultsCVE-2026-45298HIGHDozzle: Pre-auth SSRF with response-body reflection via POST /api/notifications/test-webhook (default no-auth deploy)EPSS 1.5%CVE-2026-24740HIGHDozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell AccessEPSS 0.4%CVE-2024-47182MEDIUMDozzle uses unsafe hash for passwordsEPSS 0.2%CVE-2026-44985HIGHDozzle: Cross-Site WebSocket Hijacking (CSWSH) on exec/attach endpoints bypasses authenticationEPSS 0.2%