3 matches found
CVE-2026-33752
curl_cffi is a Python binding for curl. Prior to 0.15.0, curl_cffi does not restrict requests to internal IP ranges, and follows redirects automatically via the underlying libcurl. Because of this, an attacker-controlled URL can redirect requests to internal services such as cloud metadata...
PT-2023-24760 · Weave · Weave Gitops Terraform Controller
Name of the Vulnerable Software and Affected Versions: Weave GitOps Terraform Controller versions prior to v0.14.4; Weave GitOps Terraform Controller versions prior to v0.15.0-rc.5. Description: A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an...
Eclipse OpenJ9 code injection vulnerability
Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A code injection vulnerability exists in AIX builds in Eclipse OpenJ9 versions prior to 0.15.0. The vulnerability stems from a networked system or product that does not...