3 matches found
CVE-2025-65109
Summary (CVE-2025-65109) Minder exposes a risk where the Minder server can fetch content (potentially including restricted URLs) due to insufficient sandboxing of http.send in Rego policy evaluation. Affected: Minder Helm v0.20241106.3386+ref.2507dbf and Minder Go v0.0.72–0.0.83. Impact: access t...
CVE-2025-64752
grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with access to any document on a Grist installation can use a feature for fetching from a URL that is executed on the server. The privileged network access of server-side requests could offer opportunities for attack...
PT-2025-46916
Name of the Vulnerable Software and Affected Versions grist-core versions prior to 1.7.7 Description grist-core is a spreadsheet hosting server. A user with access to any document on a Grist installation can use a feature for fetching from a URL that is executed on the server. The privileged...