CVE-2026-47358
- EPSS 0.48%
- Veröffentlicht 19.05.2026 15:53:09
- Zuletzt bearbeitet 20.05.2026 14:18:30
Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves ...
CVE-2026-47357
- EPSS 0.48%
- Veröffentlicht 19.05.2026 15:53:05
- Zuletzt bearbeitet 20.05.2026 14:23:12
Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the remote_url parameter in the remote directory scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/remote/dir/scan) when running in server mode. An unauthenticated ...
CVE-2026-47356
- EPSS 0.5%
- Veröffentlicht 19.05.2026 15:53:04
- Zuletzt bearbeitet 20.05.2026 14:23:20
Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the webhook_url parameter in the file scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/local/file/scan) when running in server mode. An unauthenticated remote atta...