
[Java] CWE-918: Query for server side request forgery (SSRF) detection #80

Closed
ghost opened this issue May 12, 2020 · 3 comments
@ghost ghost commented May 12, 2020

CVE ID(s)

None

Report

If network requests are made using java.net.URL constructed directly from a user-provided value, an attacker might be able to bypass security restrictions such as external firewalls and execute requests on internal services by providing URLs like http://127.0.0.1:8081/admin.

Related pull request:
github/codeql#3452

  • Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc). We would love to have you spread the word about the good work you are doing
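As an added illustration (not code from the report or from the linked CodeQL pull request), the pattern the query is meant to flag beside a hardened form: the hardened version accepts only http/https, only hosts on a fixed allowlist, and rejects names that resolve to loopback, link-local, or private addresses. The class name and the allowlisted hosts are assumptions.

```java
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.UnknownHostException;
import java.util.Set;

public class SsrfGuard {

    // Vulnerable pattern (what CWE-918 / the query targets): the URL is built straight
    // from the user-supplied string, so "http://127.0.0.1:8081/admin" is accepted as-is.
    static URL unsafeBuild(String userUrl) throws MalformedURLException {
        return new URL(userUrl);
    }

    // Constructed allowlist: the hosts this application legitimately fetches from.
    private static final Set<String> ALLOWED_HOSTS = Set.of("api.example.com", "cdn.example.com");

    // Hardened form: scheme allowlist, host allowlist, then an address-class check.
    static URL safeBuild(String userUrl) throws MalformedURLException, UnknownHostException {
        URL url = new URL(userUrl);
        String scheme = url.getProtocol();
        if (!scheme.equals("http") && !scheme.equals("https")) {
            throw new MalformedURLException("scheme not allowed: " + scheme);
        }
        String host = url.getHost().toLowerCase();
        if (!ALLOWED_HOSTS.contains(host)) {
            throw new MalformedURLException("host not allowlisted: " + host);
        }
        // Defence in depth: an allowlisted name could still resolve to an internal address.
        // Note the HTTP client resolves again later, so pin the resolved address there too.
        InetAddress addr = InetAddress.getByName(host);
        if (addr.isLoopbackAddress() || addr.isLinkLocalAddress()
                || addr.isSiteLocalAddress() || addr.isAnyLocalAddress()) {
            throw new MalformedURLException("host resolves to an internal address: " + addr.getHostAddress());
        }
        return url;
    }

    public static void main(String[] args) throws Exception {
        // The unsafe builder happily returns the internal URL from the report.
        System.out.println("unsafe accepted: " + unsafeBuild("http://127.0.0.1:8081/admin"));
        try {
            safeBuild("http://127.0.0.1:8081/admin");
        } catch (MalformedURLException e) {
            // Rejected at the allowlist step, before any DNS lookup is needed.
            System.out.println("safe rejected: " + e.getMessage());
        }
    }
}
```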
@ghost ghost added the All For One label May 12, 2020
@ghsecuritylab ghsecuritylab commented Aug 20, 2020

Your submission is now in status SecLab finalize.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed

@xcorail xcorail commented Aug 27, 2020

Thanks for the submission! We have reviewed your report and validated your findings. After internally assessing the findings and the query we have determined this query is not eligible for a reward under the Bug Bounty program for the following reason: Duplicate submission, PR rejected.

Best regards and happy hacking!

@xcorail xcorail closed this Aug 27, 2020
@ghsecuritylab ghsecuritylab commented Aug 27, 2020

Your submission is now in status Closed.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed
