ГлавнаяУязвимости → CVE-2025-68696
8.2высокая

CVE-2025-68696

Описание

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd.

Затрагиваемое ПО
Jnunemaker Httparty
CVSS
Балл8.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Источники
https://github.com/jnunemaker/httparty/commit/0529bcd6309c9fd9bfdd50ae211843b10054c240https://github.com/jnunemaker/httparty/security/advisories/GHSA-hm5p-x4rq-38w4https://github.com/jnunemaker/httparty/security/advisories/GHSA-hm5p-x4rq-38w4