exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

BDU:2023-05169

больше 2 лет назад

Уязвимость пакета Request программной платформы Node.js, позволяющая нарушителю осуществить SSRF-атаку

CVSS3: 6.1

EPSS: Низкий

CVE-2023-28155

больше 2 лет назад

The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS3: 6.1

EPSS: Низкий

CVE-2023-28155

больше 2 лет назад

The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS3: 6.1

EPSS: Низкий

CVE-2023-28155

больше 2 лет назад

The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS3: 6.1

EPSS: Низкий

CVE-2023-28155

больше 2 лет назад

The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS3: 6.1

EPSS: Низкий

CVE-2023-28155

больше 2 лет назад

The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

CVSS3: 6.1

EPSS: Низкий

GHSA-p8p7-x288-28g6

больше 2 лет назад

Server-Side Request Forgery in Request

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2023-05169 Уязвимость пакета Request программной платформы Node.js, позволяющая нарушителю осуществить SSRF-атаку	CVSS3: 6.1	1% Низкий	больше 2 лет назад
CVE-2023-28155 The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.	CVSS3: 6.1	1% Низкий	больше 2 лет назад
CVE-2023-28155 The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.	CVSS3: 6.1	1% Низкий	больше 2 лет назад
CVE-2023-28155 The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.	CVSS3: 6.1	1% Низкий	больше 2 лет назад
CVE-2023-28155 The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.	CVSS3: 6.1	1% Низкий	больше 2 лет назад
CVE-2023-28155 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...	CVSS3: 6.1	1% Низкий	больше 2 лет назад
GHSA-p8p7-x288-28g6 Server-Side Request Forgery in Request	CVSS3: 6.1	1% Низкий	больше 2 лет назад

Уязвимостей на страницу