漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Minder does not sandbox http.send in Rego programs
Vulnerability Description
Minder is an open source software supply chain security platform. In Minder Helm version 0.20241106.3386+ref.2507dbf and Minder Go versions from 0.0.72 to 0.0.83, Minder users may fetch content in the context of the Minder server, which may include URLs which the user would not normally have access to. This issue has been patched in Minder Helm version 0.20250203.3849+ref.fdc94f0 and Minder Go version 0.0.84.
CVSS Information
N/A
Vulnerability Type
从非可信源包含Web功能例程
Vulnerability Title
Minder 安全漏洞
Vulnerability Description
Minder是一个开源平台,可帮助开发团队和开源社区构建更安全的软件,并向其他人证明他们构建的软件是安全的。 Minder存在安全漏洞,该漏洞源于内容获取不当,可能导致未经授权的URL访问。
CVSS Information
N/A
Vulnerability Type
N/A