CVE-2025-29720 Information

Description

Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi.

Reference

https://dify.ai https://github.com/langgenius/dify/issues/15185