2 matches found
Server-side Request Forgery (SSRF)
Overview agentos-taskweaver is an A code-first agent framework for seamlessly planning and executing data analytics tasks Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the network configuration process. An attacker can access local services running on th...
GHSA-GPX9-96J6-PP87 TaskWeaver has Protection Mechanism Failure and Server-Side Request Forgery (SSRF)
Summary This vulnerability allows a user to escape the container network isolation and access the host’s local services 127.0.0.1 bound on the host. The vulnerability is applicable only on the MacOS and Windows environments while using Docker Desktop, Containerd on Lima VM, or Podman. Details...