Security Advisory

CVE-2025-2691

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-23 14:21:36

Last updated 2025-03-24 12:25:04

Assigner snyk

State PUBLISHED

Description

Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism.

← Browse all CVEs View on cve.org ↗