Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.9 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.5AI score0.00479EPSS
Exploits0References1
NVD
NVD
added 2026/05/19 5:16 p.m.15 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS0.00479EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 3:53 p.m.41 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS0.00479EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 3:53 p.m.10 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/19 3:53 p.m.10 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References2
CVE
CVE
added 2026/05/19 3:53 p.m.17 views

CVE-2026-47358

CVE-2026-47358 affects Terrascan v1.18.3 and earlier. In server mode, Terrascan parses uploaded ARM/CloudFormation templates and resolves external URLs via hashicorp/go-getter with default detectors (including FileDetector), enabling an unauthenticated attacker to upload templates containing atta...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References1Affected Software1
Citrix
Citrix
added 2023/03/14 12:0 a.m.9 views

How to configure ARM templates using the new Azure App Layering Azure connector

How to configure ARM templates using the new Azure App Layering Azure connector...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2022/03/01 11:30 a.m.32 views

Checkov - Prevent Cloud Misconfigurations During Build-Time For Terraform, CloudFormation, Kubernetes, Serverless Framework And Other Infrastructure-As-Code-Languages

Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, AWS SAM, Kubernetes, Dockerfile, Serverless or ARM Templates and detects securi ty and compliance misconfigurations using graph-based...

6.9AI score
Exploits0References12
The Coalfire Blog
The Coalfire Blog
added 2020/12/14 8:50 p.m.14 views

Azure Policies

Welcome back to Part Two of our four-part Blueprint Series. Today's post covers the use of Azure Policies within a Blueprint deployment along with ARM templates and permissions management. Azure Policies are the critical component of Azure Blueprints. Policies, like ARM Templates, are JSON...

1.3AI score
Exploits0
Rows per page
Query Builder