Vulnerability Details CVE-2020-15879
Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References