CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

SUSE CVE•added 2026/03/25 12:24 a.m.•3 views

SUSE CVE-2026-31960

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 has unbounded reads of HTTP response bodies during the Apple notarization process. Exploitation requires the ability to modify API responses from Apple's notarization service, which is not...

5.3CVSS5.9AI score0.00017EPSS

Exploits0References3

OSV•added 2026/03/12 8:57 p.m.•1 views

GO-2026-4671 Quill vulnerable to SSRF via unvalidated URL from Apple notarization log retrieval in github.com/anchore/quill

Quill vulnerable to SSRF via unvalidated URL from Apple notarization log retrieval in github.com/anchore/quill...

5.3CVSS5.8AI score0.0002EPSS

Exploits0References5

Vulnrichment•added 2026/03/11 7:30 p.m.•1 views

CVE-2026-31959 SSRF in Quill via unvalidated URL from Apple notarization log retrieval

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...

5.3CVSS5.9AI score0.0002EPSS

Exploits0References1

OSV•added 2026/03/11 7:30 p.m.•2 views

CVE-2026-31959 SSRF in Quill via unvalidated URL from Apple notarization log retrieval

5.3CVSS5.9AI score0.0002EPSS

Exploits0References3

OSV•added 2026/03/11 12:38 a.m.•3 views

GHSA-G32C-4PVP-769G Quill has DoS via unbounded read of HTTP response body during notarization

Impact Quill before version v0.7.1 has unbounded reads of HTTP response bodies during the Apple notarization process. Exploitation requires the ability to modify API responses from Apple's notarization service, which is not possible under standard network conditions due to HTTPS with proper TLS...

5.3CVSS5.8AI score0.00017EPSS

Exploits0References6