{"vulnerability": "CVE-2025-1211", "sightings": [{"uuid": "4ce8a2db-878e-49bf-a6ec-cb32c657d343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1211", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhv7yetsov2q", "content": "", "creation_timestamp": "2025-02-11T08:19:44.635156Z"}, {"uuid": "e57637ce-2260-45cc-a37a-c8b5fcac5166", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12115", "type": "seen", "source": "https://gist.github.com/Darkcrai86/77063862496894da30ef0f15567a04b4", "content": "", "creation_timestamp": "2025-10-31T10:49:46.000000Z"}, {"uuid": "ab022588-a91b-4879-b020-695de5a12033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1211", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113983508330316842", "content": "", "creation_timestamp": "2025-02-11T05:05:10.545493Z"}, {"uuid": "030b0e17-c005-4e98-8191-92ff72909c63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1211", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhuvpsipft27", "content": "", "creation_timestamp": "2025-02-11T05:15:58.873692Z"}, {"uuid": "226a2f6d-5420-4699-8ef7-b67982978d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12110", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m3umpovj322o", "content": "", "creation_timestamp": "2025-10-23T14:58:43.923258Z"}, {"uuid": "b6eb9ac3-e06a-4451-9219-3e674c63057b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12112", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m53xpqkk2k2x", "content": "", "creation_timestamp": "2025-11-08T06:29:26.664796Z"}, {"uuid": "2ea712df-74de-4783-96cc-8c390570a1b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12112", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m53vashd7pk2", "content": "", "creation_timestamp": "2025-11-08T05:45:26.489937Z"}, {"uuid": "3a39f640-fd85-489b-94df-9af8398a5b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1211", "type": "seen", "source": "https://t.me/cvedetector/17657", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1211 - Hackney SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-1211 \nPublished : Feb. 11, 2025, 5:15 a.m. | 40\u00a0minutes ago \nDescription : Versions of the package hackney from 0.0.0 are vulnerable to Server-side Request Forgery (SSRF) due to improper parsing of URLs by URI built-in module and hackey. Given the URL , the URI function will parse and see the host as 127.0.0.1 (which is correct), and hackney will refer the host as 127.2.2.2/.   \nThis vulnerability can be exploited when users rely on the URL function for host checking. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T07:18:57.000000Z"}, {"uuid": "8be7a164-02d0-44e4-9557-f90f9360a367", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1211", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7712", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1211\n\ud83d\udd25 CVSS Score: 6.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L/E:P)\n\ud83d\udd39 Description: Versions of the package hackney before 1.21.0 are vulnerable to Server-side Request Forgery (SSRF) due to improper parsing of URLs by URI built-in module and hackey. Given the URL http://127.0.0.1?@127.2.2.2/, the URI function will parse and see the host as 127.0.0.1 (which is correct), and hackney will refer the host as 127.2.2.2/. This vulnerability can be exploited when users rely on the URL function for host checking.\n\ud83d\udccf Published: 2025-02-11T05:00:00.994Z\n\ud83d\udccf Modified: 2025-03-16T12:48:56.614Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-HEX-HACKNEY-6516131\n2. https://gist.github.com/snoopysecurity/996de09ec0cfd0ebdcfdda8ff515deb1\n3. https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf\n4. https://github.com/benoitc/hackney/commit/9594ce58fabd32cd897fc28fae937694515a3d4a", "creation_timestamp": "2025-03-16T13:49:26.000000Z"}, {"uuid": "57ee7b62-d579-4f9f-afb1-822d50440515", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1211", "type": "seen", "source": "Telegram/EaoF4DzjzoRVuHEevdLYNxAAp2wtCXXuVjAq_5CtXsUIoDeY", "content": "", "creation_timestamp": "2025-02-14T10:01:38.000000Z"}]}