Headline
GHSA-58g2-vgpg-335q: request-baskets vulnerable to Server-Side Request Forgery
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
request-baskets vulnerable to Server-Side Request Forgery
Moderate severity GitHub Reviewed Published Mar 31, 2023 to the GitHub Advisory Database • Updated Mar 31, 2023
Related news
Maltrail version 0.53 suffers from an unauthenticated remote code execution vulnerability.
Request-Baskets version 1.2.1 suffers from a server-side request forgery vulnerability.
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.