CVE-2022-1722

Summary

SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses

Affected Software

VendorProductVersion RangeStatus
jgraphjgraph/drawiounspecified < 18.0.5affected

Weaknesses

  • CWE-918: CWE-918 Server-Side Request Forgery (SSRF)

ADP Enrichment

CVE Program Container

Additional References

References