5 matches found
CVE-2024-32980
Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use self requests without a specified URL authority can be induced to make requests to arbitrary hosts via the Host HTTP header...
CVE-2024-32980
Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use self requests without a specified URL authority can be induced to make requests to arbitrary hosts via the Host HTTP header...
CVE-2024-32980 Spin contains a potential network sandbox escape for specifically configured Spin applications
Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use self requests without a specified URL authority can be induced to make requests to arbitrary hosts via the Host HTTP header...
CVE-2024-32980 Spin contains a potential network sandbox escape for specifically configured Spin applications
Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use self requests without a specified URL authority can be induced to make requests to arbitrary hosts via the Host HTTP header...
CVE-2024-32980
CVE-2024-32980 affects Spin prior to 2.4.3. Specifically configured Spin applications that use self requests without a URL authority can be induced to make requests to arbitrary hosts via the Host header. Vulnerable conditions include: routing requests based on URL rather than Host while preservi...