exploitDog

GHSA-p69p-2m86-g334

Опубликовано: 18 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response.

RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response.

Ссылки

EPSS

Процентиль: 26%

0.00091

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-918

Связанные уязвимости

CVE-2022-39055

CVSS3: 5.3

nvd

больше 3 лет назад

RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response.

EPSS

Процентиль: 26%

0.00091

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-918