10 matches found
SUSE CVE-2026-31959
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...
GO-2026-4671 Quill vulnerable to SSRF via unvalidated URL from Apple notarization log retrieval in github.com/anchore/quill
Quill vulnerable to SSRF via unvalidated URL from Apple notarization log retrieval in github.com/anchore/quill...
CVE-2026-31959
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...
CVE-2026-31959
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...
CVE-2026-31959
CVE-2026-31959 (Quill) : Quill before v0.7.1 is vulnerable to SSRF in the notarization logs retrieval flow. The client fetches a URL provided by the Apple notarization service and currently does not validate that the URL uses https or that the host is safe (not local or multicast). An attacker wh...
CVE-2026-31959 SSRF in Quill via unvalidated URL from Apple notarization log retrieval
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...
CVE-2026-31959 SSRF in Quill via unvalidated URL from Apple notarization log retrieval
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...
Quill vulnerable to SSRF via unvalidated URL from Apple notarization log retrieval
Impact Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple's notarization service, which is not possible under standard network...
EUVD-2026-11325
Quill vulnerable to SSRF via unvalidated URL from Apple notarization log retrieval...
PT-2026-24806
Name of the Vulnerable Software and Affected Versions Quill versions prior to 0.7.1 Description Quill, a tool for macOS binary signing and notarization, contains a Server-Side Request Forgery SSRF issue when retrieving Apple notarization submission logs. Exploitation requires the ability to modif...