3 matches found
GHSA-HCHG-QM84-CJ9P Aider has an SSRF vulnerability through its AWS EC2 Metadata Endpoint
A security vulnerability has been detected in Aider-AI Aider 0.86.3.dev. This affects the function requests.get of the file apidocs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit...
Linux Distros Unpatched Vulnerability : CVE-2024-35195
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert...
Medium: aws-cfn-bootstrap
Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...