How severe is CVE-2022-29180?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2022-29180?

This is classified as CWE-918, which is a common weakness in software security.

CVE-2022-29180

CRITICAL Year: 2022

CVSS v3 Score

9.8

Critical

CVSS v2 Score

7.5

High

Weakness Type

CWE-918

View all →

Vulnerability Description

A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend that all users running self-hosted `charm` instances update immediately. This vulnerability was found in-house and we haven't been notified of any potential exploiters. ### Additional notes * Encrypted user data uploaded to the Charm server is safe as Charm servers cannot decrypt user data. This includes filenames, paths, and all key-value data. * Users running the official Charm [Docker images](https://github.com/charmbracelet/charm/blob/main/docker.md) are at minimal risk because the exploit is limited to the containerized filesystem.

CVE-2002-1484

CRITICAL

CVSS:9.8(Critical)

DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that spe...

CWE-9182002

CVE-2004-2061

CRITICAL

CVSS:9.8(Critical)

RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or...

CWE-9182004

CVE-2013-4864

CRITICAL

CVSS:9.8(Critical)

MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SS...

CWE-9182013

CVE-2017-0889

CRITICAL

CVSS:9.8(Critical)

Paperclip ruby gem version 3.1.4 and later suffers from a Server-SIde Request Forgery (SSRF) vulnerability in the Paperclip::UriAdapter class. Attackers may be able to access information about interna...

CWE-9182017

CVE-2017-0905

CRITICAL

CVSS:9.8(Critical)

The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the "Res...

CWE-9182017

CVE-2017-0906

CRITICAL

CVSS:9.8(Critical)

The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource.get" method that could result i...

CWE-9182017

CVE-2022-29180

Vulnerability Description

Related Vulnerabilities

CVE-2002-1484

CVE-2004-2061

CVE-2013-4864

CVE-2017-0889

CVE-2017-0905

CVE-2017-0906