CVE-2025-0474
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-0474
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-0474.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-0474
- Published
- 2025-01-14T19:15:32.930Z
- Modified
- 2025-11-20T12:32:23.879271Z
- Severity
-
- 7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user. This issue affects Invoice Ninja: from 5.8.56 through 5.11.23.
- References
Affected packages
Git / github.com/invoiceninja/invoiceninja
Affected ranges
- Type
- GIT
- Repo
- https://github.com/invoiceninja/invoiceninja
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
5.*
5.8.56
v5.*
v5.0
v5.0.1
v5.0.10
v5.0.12
v5.0.12-release
v5.0.13
v5.0.13-release
v5.0.16
v5.0.16-release
v5.0.17
v5.0.17-release
v5.0.18
v5.0.18-release
v5.0.19
v5.0.19-release
v5.0.2
v5.0.20
v5.0.20-release
v5.0.21
v5.0.21-release
v5.0.22
v5.0.23
v5.0.23-release
v5.0.23r
v5.0.23r-release
v5.0.24
v5.0.24-release
v5.0.25
v5.0.25-release
v5.0.26
v5.0.26-release
v5.0.27
v5.0.27-release
v5.0.29
v5.0.29-release
v5.0.3
v5.0.30
v5.0.30-release
v5.0.31
v5.0.31-release
v5.0.33
v5.0.33-release
v5.0.34
v5.0.34-release
v5.0.35
v5.0.35-release
v5.0.36
v5.0.37
v5.0.38
v5.0.38-release
v5.0.39
v5.0.39-release
v5.0.4
v5.0.40
v5.0.41
v5.0.41-release
v5.0.42
v5.0.42-release
v5.0.43
v5.0.43-release
v5.0.44
v5.0.44-release
v5.0.45
v5.0.45-release
v5.0.46
v5.0.46-release
v5.0.47
v5.0.47-release
v5.0.48
v5.0.48-release
v5.0.49
v5.0.49-release
v5.0.5
v5.0.50
v5.0.50-release
v5.0.51
v5.0.51-release
v5.0.52
v5.0.52-release
v5.0.53
v5.0.53-release
v5.0.54
v5.0.54-release
v5.0.55
v5.0.55-release
v5.0.56
v5.0.56-release
v5.0.6
v5.0.7
v5.0.8
v5.0.9
v5.1.0
v5.1.0-release
v5.1.1
v5.1.1-release
v5.1.10
v5.1.10-release
v5.1.11
v5.1.11-release
v5.1.12
v5.1.12-release
v5.1.13
v5.1.13-release
v5.1.14
v5.1.14-release
v5.1.15
v5.1.15-release
v5.1.16
v5.1.16-release
v5.1.17
v5.1.17-release
v5.1.18
v5.1.18-release
v5.1.19
v5.1.19-release
v5.1.2
v5.1.2-release
v5.1.20
v5.1.20-release
v5.1.21
v5.1.21-release
v5.1.22
v5.1.22-release
v5.1.23
v5.1.23-release
v5.1.24
v5.1.24-release
v5.1.25
v5.1.25-release
v5.1.26
v5.1.26-release
v5.1.27
v5.1.27-release
v5.1.28
v5.1.28-release
v5.1.29
v5.1.29-release
v5.1.3
v5.1.3-release
v5.1.30
v5.1.30-release
v5.1.31
v5.1.31-release
v5.1.32
v5.1.32-release
v5.1.33
v5.1.33-release
v5.1.34
v5.1.34-release
v5.1.35
v5.1.35-release
v5.1.36
v5.1.36-release
v5.1.37
v5.1.37-release
v5.1.38
v5.1.38-release
v5.1.39
v5.1.39-release
v5.1.4
v5.1.4-release
v5.1.40
v5.1.40-release
v5.1.41
v5.1.41-release
v5.1.42
v5.1.42-release
v5.1.43
v5.1.43-release
v5.1.44
v5.1.44-release
v5.1.45
v5.1.45-release
v5.1.46
v5.1.46-release
v5.1.47
v5.1.47-release
v5.1.48
v5.1.48-release
v5.1.49
v5.1.49-release
v5.1.5
v5.1.5-release
v5.1.50
v5.1.50-release
v5.1.51
v5.1.51-release
v5.1.52
v5.1.52-release
v5.1.53
v5.1.53-release
v5.1.54
v5.1.54-release
v5.1.55
v5.1.55-release
v5.1.56
v5.1.56-release
v5.1.57
v5.1.57-release
v5.1.58
v5.1.58-release
v5.1.59
v5.1.59-release
v5.1.6
v5.1.6-release
v5.1.60
v5.1.60-release
v5.1.61
v5.1.61-release
v5.1.62
v5.1.62-release
v5.1.63
v5.1.63-release
v5.1.64
v5.1.64-release
v5.1.65
v5.1.65-release
v5.1.66
v5.1.66-release
v5.1.67
v5.1.67-release
v5.1.68
v5.1.68-release
v5.1.69
v5.1.69-release
v5.1.7
v5.1.7-release
v5.1.70
v5.1.70-release
v5.1.71
v5.1.71-release
v5.1.73
v5.1.73-release
v5.1.74
v5.1.74-release
v5.1.8
v5.1.8-release
v5.1.9
v5.1.9-release
v5.10.0
v5.10.1
v5.10.10
v5.10.11
v5.10.12
v5.10.13
v5.10.14
v5.10.15
v5.10.16
v5.10.17
v5.10.18
v5.10.19
v5.10.2
v5.10.20
v5.10.21
v5.10.22
v5.10.23
v5.10.24
v5.10.25
v5.10.26
v5.10.27
v5.10.28
v5.10.29
v5.10.3
v5.10.30
v5.10.31
v5.10.32
v5.10.33
v5.10.34
v5.10.35
v5.10.36
v5.10.37
v5.10.38
v5.10.39
v5.10.4
v5.10.40
v5.10.41
v5.10.42
v5.10.43
v5.10.44
v5.10.45
v5.10.46
v5.10.47
v5.10.48
v5.10.49
v5.10.5
v5.10.50
v5.10.51
v5.10.52
v5.10.53
v5.10.54
v5.10.55
v5.10.56
v5.10.57
v5.10.58
v5.10.59
v5.10.6
v5.10.60
v5.10.61
v5.10.62
v5.10.7
v5.10.8
v5.10.9
v5.11.0
v5.11.1
v5.11.2
v5.11.3
v5.11.4
v5.11.5
v5.11.6
v5.11.7
v5.2.0
v5.2.0-release
v5.2.1
v5.2.1-release
v5.2.10
v5.2.11
v5.2.12
v5.2.13
v5.2.14
v5.2.15
v5.2.16
v5.2.17
v5.2.18
v5.2.19
v5.2.2
v5.2.2-release
v5.2.3
v5.2.4
v5.2.4-1
v5.2.4-2
v5.2.4-3
v5.2.5
v5.2.5-release
v5.2.6
v5.2.7
v5.2.8
v5.2.9
v5.3.0
v5.3.1
v5.3.10
v5.3.100
v5.3.11
v5.3.12
v5.3.13
v5.3.14
v5.3.15
v5.3.16
v5.3.17
v5.3.18
v5.3.2
v5.3.20
v5.3.21
v5.3.22
v5.3.23
v5.3.24
v5.3.25
v5.3.26
v5.3.27
v5.3.28
v5.3.29
v5.3.3
v5.3.30
v5.3.31
v5.3.32
v5.3.33
v5.3.34
v5.3.35
v5.3.36
v5.3.37
v5.3.38
v5.3.39
v5.3.4
v5.3.40
v5.3.41
v5.3.42
v5.3.43
v5.3.44
v5.3.45
v5.3.46
v5.3.47
v5.3.48
v5.3.49
v5.3.5
v5.3.51
v5.3.52
v5.3.53
v5.3.54
v5.3.55
v5.3.56
v5.3.57
v5.3.58
v5.3.59
v5.3.6
v5.3.60
v5.3.61
v5.3.62
v5.3.63
v5.3.64
v5.3.66
v5.3.67
v5.3.68
v5.3.69
v5.3.7
v5.3.70
v5.3.71
v5.3.72
v5.3.73
v5.3.74
v5.3.75
v5.3.76
v5.3.77
v5.3.78
v5.3.79
v5.3.8
v5.3.80
v5.3.81
v5.3.82
v5.3.83
v5.3.84
v5.3.85
v5.3.86
v5.3.87
v5.3.88
v5.3.89
v5.3.9
v5.3.90
v5.3.91
v5.3.92
v5.3.93
v5.3.94
v5.3.95
v5.3.96
v5.3.97
v5.3.98
v5.3.99
v5.4.0
v5.4.1
v5.4.10
v5.4.11
v5.4.12
v5.4.2
v5.4.3
v5.4.4
v5.4.5
v5.4.6
v5.4.7
v5.4.8
v5.4.9
v5.5.0
v5.5.0-R1
v5.5.1
v5.5.10
v5.5.100
v5.5.101
v5.5.102
v5.5.103
v5.5.104
v5.5.105
v5.5.106
v5.5.107
v5.5.108
v5.5.109
v5.5.11
v5.5.110
v5.5.111
v5.5.112
v5.5.113
v5.5.114
v5.5.115
v5.5.116
v5.5.117
v5.5.118
v5.5.119
v5.5.12
v5.5.120
v5.5.121
v5.5.122
v5.5.123
v5.5.124
v5.5.13
v5.5.14
v5.5.15
v5.5.16
v5.5.17
v5.5.18
v5.5.19
v5.5.2
v5.5.20
v5.5.21
v5.5.22
v5.5.23
v5.5.24
v5.5.25
v5.5.26
v5.5.27
v5.5.28
v5.5.29
v5.5.3
v5.5.30
v5.5.31
v5.5.32
v5.5.33
v5.5.34
v5.5.35
v5.5.36
v5.5.37
v5.5.38
v5.5.39
v5.5.4
v5.5.40
v5.5.41
v5.5.42
v5.5.43
v5.5.44
v5.5.45
v5.5.46
v5.5.47
v5.5.5
v5.5.6
v5.5.7
v5.5.71
v5.5.73
v5.5.74
v5.5.75
v5.5.76
v5.5.77
v5.5.78
v5.5.79
v5.5.8
v5.5.80
v5.5.81
v5.5.82
v5.5.83
v5.5.84
v5.5.85
v5.5.86
v5.5.87
v5.5.88
v5.5.89
v5.5.9
v5.5.90
v5.5.91
v5.5.92
v5.5.93
v5.5.94
v5.5.95
v5.5.96
v5.5.97
v5.5.98
v5.5.99
v5.6.0
v5.6.1
v5.6.10
v5.6.11
v5.6.12
v5.6.13
v5.6.14
v5.6.15
v5.6.16
v5.6.17
v5.6.18
v5.6.19
v5.6.2
v5.6.20
v5.6.21
v5.6.22
v5.6.23
v5.6.24
v5.6.25
v5.6.26
v5.6.27
v5.6.28
v5.6.29
v5.6.3
v5.6.30
v5.6.31
v5.6.4
v5.6.5
v5.6.6
v5.6.7
v5.6.8
v5.6.9
v5.7.10
v5.7.11
v5.7.12
v5.7.13
v5.7.14
v5.7.15
v5.7.16
v5.7.17
v5.7.18
v5.7.19
v5.7.20
v5.7.21
v5.7.22
v5.7.23
v5.7.24
v5.7.25
v5.7.26
v5.7.27
v5.7.28
v5.7.29
v5.7.30
v5.7.31
v5.7.32
v5.7.33
v5.7.34
v5.7.35
v5.7.36
v5.7.37
v5.7.38
v5.7.39
v5.7.40
v5.7.41
v5.7.42
v5.7.43
v5.7.44
v5.7.45
v5.7.46
v5.7.47
v5.7.48
v5.7.49
v5.7.50
v5.7.51
v5.7.52
v5.7.53
v5.7.54
v5.7.55
v5.7.56
v5.7.57
v5.7.58
v5.7.59
v5.7.60
v5.7.61
v5.7.62
v5.7.63
v5.7.7
v5.7.8
v5.7.9
v5.8.0
v5.8.1
v5.8.10
v5.8.11
v5.8.12
v5.8.13
v5.8.14
v5.8.15
v5.8.16
v5.8.17
v5.8.18
v5.8.19
v5.8.2
v5.8.20
v5.8.21
v5.8.22
v5.8.23
v5.8.24
v5.8.25
v5.8.26
v5.8.27
v5.8.28
v5.8.29
v5.8.3
v5.8.30
v5.8.31
v5.8.32
v5.8.33
v5.8.34
v5.8.35
v5.8.36
v5.8.37
v5.8.38
v5.8.39
v5.8.4
v5.8.40
v5.8.41
v5.8.42
v5.8.43
v5.8.44
v5.8.45
v5.8.46
v5.8.47
v5.8.48
v5.8.49
v5.8.5
v5.8.50
v5.8.51
v5.8.52
v5.8.53
v5.8.54
v5.8.55
v5.8.56
v5.8.57
v5.8.6
v5.8.7
v5.8.8
v5.8.9
v5.9.0
v5.9.1
v5.9.2
v5.9.3
v5.9.4
v5.9.5
v5.9.6
v5.9.7
v5.9.8
v5.9.9