CVE-2025-2987

LOW Year: 2025
CVSS v3 Score
3.8
Low
Weakness Type
CWE-918
View all →

Vulnerability Description

IBM Maximo Asset Management 7.6.1.3 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Related Vulnerabilities

CVE-2024-0628

LOW
CVSS:3.8(Low)

The WP RSS Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.23.5 via the RSS feed source in admin settings. This makes it possible f...

CWE-9182024

CVE-2024-13838

LOW
CVSS:3.8(Low)

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.2 via...

CWE-9182024

CVE-2024-29319

LOW
CVSS:3.8(Low)

Volmarg Personal Management System 1.4.64 is vulnerable to SSRF (Server Side Request Forgery) via uploading a SVG file. The server can make unintended HTTP and DNS requests to a server that the attack...

CWE-9182024

CVE-2022-0085

LOW
CVSS:3.7(Low)

Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0.

CWE-9182022

CVE-2023-48711

LOW
CVSS:3.7(Low)

google-translate-api-browser is an npm package which interfaces with the google translate web api. A Server-Side Request Forgery (SSRF) Vulnerability is present in applications utilizing the `google-t...

CWE-9182023

CVE-2024-0243

LOW
CVSS:3.7(Low)

With the following crawler configuration: ```python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader( url=url, max_depth=2, extractor=lambda x: Soup(x, "ht...

CWE-9182024