CVE-2025-0184 MEDIUM

CVE-2025-0184: Server-Side Request Forgery (SSRF) in langgenius/dify

Vendor Langgenius
Product langgenius/dify
Weakness CWE-918 · SSRF
Published March 20, 2025
Last update March 20, 2025
View on NVD All CVEs

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

A Server-Side Request Forgery (SSRF) vulnerability was identified in langgenius/dify version 0.10.2. The vulnerability occurs in the 'Create Knowledge' section when uploading DOCX files. If an external relationship exists in the DOCX file, the reltype value is requested as a URL using the 'requests' module instead of the 'ssrf_proxy', leading to an SSRF vulnerability. This issue was fixed in version 0.11.0.

Key dates

02Disclosure timeline

March 20, 2025 CVE published
March 20, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-41118 streamlit-geospatial blind SSRF in pages/7_📦_Web_Map_Service.py CVE-2026-45298 Dozzle: Pre-auth SSRF with response-body reflection via POST /api/notifications/test-webhook (default no-auth deploy) CVE-2025-8772 Vinades NukeViet Module index.php server-side request forgery CVE-2026-26013 LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages CVE-2026-3789 Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery