Vulnerabilities of type CWE-918

2157 results
CVE-2022-1713 | HIGH | SSRF on /proxy in jgraph/drawio | EPSS 8.7%
CVE-2024-29415 | HIGH | The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, | EPSS 8.3%
CVE-2023-27163 | MEDIUM | request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vuln | EPSS 7.5%
CVE-2026-9312 | CRITICAL | Server-Side Request Forgery vulnerability in GitHub Enterprise Server allowed access to internal services via path traversal in upload endpoint | EPSS 6.6%
CVE-2021-22696 | OAuth 2 authorization service vulnerable to DDos attacks | EPSS 6.6%
CVE-2023-28288 | HIGH | Microsoft SharePoint Server Spoofing Vulnerability | EPSS 6.2%
CVE-2022-40146 | Jar url should be blocked by DefaultScriptSecurity | EPSS 6.1%
CVE-2024-28752 | CRITICAL | Apache CXF SSRF Vulnerability using the Aegis databinding | EPSS 5.8%
CVE-2025-68477 | HIGH | Langflow vulnerable to Server-Side Request Forgery | EPSS 5.8%
CVE-2025-32102 | MEDIUM | CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port parameters in a command=telnetSocket request | EPSS 5.7%
CVE-2024-34351 | HIGH | Next.js Server-Side Request Forgery in Server Actions | EPSS 5.5%
CVE-2022-1711 | HIGH | Server-Side Request Forgery (SSRF) in jgraph/drawio | EPSS 5.4%
CVE-2024-54385 | HIGH | WordPress Radio Player plugin <= 2.0.83 - Server Side Request Forgery (SSRF) vulnerability | EPSS 5.1%
CVE-2025-24485 | MEDIUM | A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HT | EPSS 5.0%
CVE-2025-34452 | HIGH | Streama Subtitle Download Path Traversal and SSRF Leading to Arbitrary File Write | EPSS 5.0%
CVE-2024-24759 | CRITICAL | MindsDB Vulnerable to Bypass of SSRF Protection with DNS Rebinding | EPSS 4.9%
CVE-2025-59527 | HIGH | FlowiseAI/Flowise has Server-Side Request Forgery (SSRF) vulnerability | EPSS 4.6%
CVE-2026-22219 | HIGH | Chainlit < 2.9.4 SQLAlchemy Data Layer SSRF via /project/element | EPSS 4.4%
CVE-2021-24150 | Like Button Rating < 2.6.32 - Unauthenticated Full-Read SSRF | EPSS 4.4%
CVE-2020-17513 | In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old (Flask-admin based) UI were vulnerable for SSRF attack. | EPSS 4.3%