216.73.217.64

CVE-2025-68696

· Published 23/12/2025 23:15 · Modified 24/12/2025 15:16

Labels: CVE-2025-68696 2025-12-23CVE-2025-68696CWE-918[email protected]

Essential information

Published
23/12/2025 23:15
Modified
24/12/2025 15:16
Author
Creator
CVSS
8.8 HIGH (v3) 8.8 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
httparty / httparty cpe:2.3:a:httparty:httparty:0.23.2:*:*:*:*:*:*:*
httparty / httparty cpe:2.3:a:httparty:httparty:<0.23.2:*:*:*:*:*:*:*

References