Résumé
Open WebUI: Path traversal / SSRF in terminal server proxy via encoded path traversal
Références
Vulnérabilités liées
Tout Supply chain →- CRITICALGHSA-365W-HQF6-VXFG
Crawl4AI: Multiple Docker API Vulnerabilities - File Write, SSRF, Auth Bypass, XSS, JS Execution
- MEDIUMGHSA-Q59X-JC9F-GFQF
Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints
- MEDIUMGHSA-GXG4-2RRR-JHC7
OpenClaw: Hostname checks could treat trailing-dot hosts inconsistently
- HIGHGHSA-WM69-2PC3-RMMF
Crawl4AI: Unauthenticated SSRF on the Docker server streaming crawl path (/crawl/stream)
- CRITICALGHSA-2JQ4-Q6VV-4CP3
Crawl4AI: Arbitrary file write (path traversal) in crawler downloads can lead to RCE
- CRITICALGHSA-HXPF-9XVQ-WPH8
netlicensing-mcp: REST Path Traversal Bypasses Token Redaction