logo

Database

Server-side request forgery (SSRF) In net.sourceforge.plantuml:plantuml

Description

PlantUML Server-Side Request Forgery vulnerability Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2023-34322. NVD-2023-34323. OSV-2023-34324. OSV-DEBIAN-2023-34325. GCVE-2023-34326. SECURITY-TRACKER-CVE-2023-3432

References

1. https://github.com/plantuml/plantuml/commit/b32500bb61ae617bb312496d6d832e4be81907972. https://huntr.dev/bounties/8ac3316f-431c-468d-87e4-3dafff2ecf513. https://lists.fedoraproject.org/archives/list/[email protected]/message/FV7XL3CY3K3K5ER3ASMEQA546MIQQ7QM

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.