Lucene search
Veracode Vulnerability DatabaseVERACODE:35801HistoryJun 02, 2022 - 3:43 a.m.
Server-side Request Forgery (SSRF)
2022-06-0203:43:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.001 Low
EPSS
Percentile
50.5%
github.com/gogs/gogs is vulnerable to server-side request forgery. The vulnerability exists because the isLocalHostname function of webhook.go does not properly validate the IP addresses before redirect, allowing an attacker to gain access to response data by making an HTTP request to untrusted URLs
Related
alpinelinux
alpinelinux
CVE-2022-1285
2022-06-01 06:15:07
gitlab
gitlab
Server-Side Request Forgery in gogs webhook
2022-06-03 00:00:00
osv
osv
Server-Side Request Forgery in gogs webhook
2022-06-03 15:35:32
CVE-2022-1285
2022-06-01 06:15:07
cvelist
cvelist
CVE-2022-1285 Server-Side Request Forgery (SSRF) in gogs/gogs
2022-06-01 05:55:10
huntr
huntr
FULL read SSRF
2022-04-06 15:10:31
prion
prion
Server side request forgery (ssrf)
2022-06-01 06:15:00
nvd
nvd
CVE-2022-1285
2022-06-01 06:15:07
github
github
Server-Side Request Forgery in gogs webhook
2022-06-03 15:35:32
cve
cve
CVE-2022-1285
2022-06-01 06:15:07
openvas
openvas
Gogs < 0.12.8 SSRF Vulnerability
2022-06-02 00:00:00
cnvd
cnvd
Gogs server request forgery vulnerability
2022-06-02 00:00:00