CVE-2023-5572

Description

Server-Side Request Forgery (SSRF) in GitHub repository vriteio/vrite prior to 0.3.0.

How to fix CVE-2023-5572

To remediate CVE-2023-5572, upgrade the affected package to a fixed version below.

• npm/@vrite/sdk—upgrade to 0.3.0 or later

Is CVE-2023-5572 being exploited?

Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 0.3.0

CVSS scores

References (4)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2023-5572
• PATCHgithub.com/vriteio/vrite
• WEBgithub.com/vriteio/vrite/commit/1877683b932bb33fb20d688e476284b70bb9fe23
• WEBhuntr.dev/bounties/db649f1b-8578-4ef0-8df3-d320ab33f1be