Summary
Lokka: Azure Resource Manager URL path validation issue
References
Related vulnerabilities
All Supply chain →- MEDIUMGHSA-H5RG-8P7F-47G2
SurrealDB: SSRF via JWKS URL — Redirect Following in JWT Key Fetch
- MEDIUMGHSA-4CC2-G9W2-FHF6
Zeep: Server-Side Request Forgery (SSRF)
- HIGHGHSA-MRVX-JMJW-VGGC
SearXNG MCP Server: DNS-resolved Private Hostname SSRF in `web_url_read`
- MEDIUMGHSA-W4MC-HHC6-XP28
Mailpit: Incomplete SSRF protection in Link Check API via IPv6 transition mechanisms
- MEDIUMGHSA-Q59X-JC9F-GFQF
Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints
- MEDIUMGHSA-GXG4-2RRR-JHC7
OpenClaw: Hostname checks could treat trailing-dot hosts inconsistently