CVE-2022-24969
CVSS v3.1
6.1 (Medium)
CVSS v2.0
5.8 (Medium)
EPSS
0.13 % (49th)
Affected Products
1
Advisories
1
bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability.
Weaknesses
- CWE-601
- URL Redirection to Untrusted Site ('Open Redirect')
- CWE-918
- Server-Side Request Forgery (SSRF)
Related CVEs
- CVE Status
- PUBLISHED
- CNA
- Apache Software Foundation
- Published Date
-
2022-06-09 16:15:08
(2 years ago) - Updated Date
-
2022-06-15 18:56:30
(2 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...