exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2022-26499

почти 4 года назад

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.

CVSS3: 9.1

EPSS: Низкий

CVE-2022-26499

почти 4 года назад

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.

CVSS3: 9.1

EPSS: Низкий

CVE-2022-26499

почти 4 года назад

An SSRF issue was discovered in Asterisk through 19.x. When using STIR ...

CVSS3: 9.1

EPSS: Низкий

GHSA-fwqw-pr3c-3j3r

почти 4 года назад

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.

CVSS3: 9.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-26499 An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.	CVSS3: 9.1	0% Низкий	почти 4 года назад
CVE-2022-26499 An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.	CVSS3: 9.1	0% Низкий	почти 4 года назад
CVE-2022-26499 An SSRF issue was discovered in Asterisk through 19.x. When using STIR ...	CVSS3: 9.1	0% Низкий	почти 4 года назад
GHSA-fwqw-pr3c-3j3r An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.	CVSS3: 9.1	0% Низкий	почти 4 года назад

Уязвимостей на страницу