exploitDog

GHSA-x284-mqwh-m8wm

Опубликовано: 30 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi. A different vulnerability than CVE-2025-29720.

Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi. A different vulnerability than CVE-2025-29720.

Ссылки

EPSS

Процентиль: 69%

0.00593

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-918

Связанные уязвимости

CVE-2025-56520

CVSS3: 5.3

nvd

4 месяца назад

Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi. A different vulnerability than CVE-2025-29720.

EPSS

Процентиль: 69%

0.00593

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-918