CVE-2022-23080: Server-Side Request Forgery (SSRF)
In directus versions v9.0.0-beta.2 through 9.6.0 is vulnerable to server-side request forgery (SSRF) in the media upload functionality which allows a low privileged user to perform internal network port scans.
References
Code Behaviors & Features
Detect and mitigate CVE-2022-23080 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →