CVE-2022-1379

Name of the Vulnerable Software and Affected Versions plantuml/plantuml versions prior to V1.2022.5

Description The issue allows an attacker to bypass URL restrictions imposed by different security profiles, achieving server-side request forgery (SSRF). This enables access to restricted internal resources or servers and allows sending requests to third-party servers.

Recommendations For versions prior to V1.2022.5, update to version V1.2022.5 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive internal resources and servers to minimize the risk of exploitation.