Количество 2
Количество 2
CVE-2022-23464
Nepxion Discovery is a solution for Spring Cloud. Discovery is vulnerable to a potential Server-Side Request Forgery (SSRF). RouterResourceImpl uses RestTemplate’s getForEntity to retrieve the contents of a URL containing user-controlled input, potentially resulting in Information Disclosure. There is no patch available for this issue at time of publication. There are no known workarounds.
GHSA-hhxh-qphc-v423
Nepxion Discovery vulnerable to potential Information Disclosure due to Server-Side Request Forgery
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23464 Nepxion Discovery is a solution for Spring Cloud. Discovery is vulnerable to a potential Server-Side Request Forgery (SSRF). RouterResourceImpl uses RestTemplate’s getForEntity to retrieve the contents of a URL containing user-controlled input, potentially resulting in Information Disclosure. There is no patch available for this issue at time of publication. There are no known workarounds. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| GHSA-hhxh-qphc-v423 Nepxion Discovery vulnerable to potential Information Disclosure due to Server-Side Request Forgery | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу