Lucene search
GoogleOSV:GHSA-5H75-PVQ4-82C9HistoryJun 23, 2022 - 12:00 a.m.
Server-Side Request Forgery in Directus
2022-06-2300:00:33
Google
osv.dev
8
0.001 Low
EPSS
Percentile
21.6%
Directus versions v9.0.0-beta.2 through 9.6.0 are vulnerable to server-side request forgery (SSRF) in the media upload functionality, which allows a low privileged user to perform internal network port scans.
| CPE | Name | Operator | Version |
|---|---|---|---|
| directus | lt | 9.7.0 | |
| directus | ge | 9.0.0-beta.2 |
Related
osv
osv
CVE-2022-23080
2022-06-22 16:15:07
Directus vulnerable to Server-Side Request Forgery On File Import
2023-03-03 23:07:35
cvelist
cvelist
CVE-2022-23080 directus - SSRF which leads to internal port scan
2022-01-11 00:00:00
cve
cve
CVE-2022-23080
2022-06-22 16:15:07
prion
prion
Server side request forgery (ssrf)
2022-06-22 16:15:00
veracode
veracode
Server-Side Request Forgery (SSRF)
2022-06-23 07:56:23
Server-side Request Forgery (SSRF)
2023-03-12 12:40:23
nvd
nvd
CVE-2022-23080
2022-06-22 16:15:07
github
github
Server-Side Request Forgery in Directus
2022-06-23 00:00:33
Directus vulnerable to Server-Side Request Forgery On File Import
2023-03-03 23:07:35