Metrics
Affected Vendors & Products
Mon, 22 Sep 2025 14:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Mon, 22 Sep 2025 10:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Harness Harness harness | |
| Vendors & Products | Harness Harness harness | 
Sun, 21 Sep 2025 03:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A flaw has been found in Harness 3.3.0. This impacts the function LookupRepo of the file app/api/controller/gitspace/lookup_repo.go. Executing manipulation of the argument url can lead to server-side request forgery. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
| Title | Harness lookup_repo.go LookupRepo server-side request forgery | |
| Weaknesses | CWE-918 | |
| References |  | |
| Metrics | cvssV2_0 
 
 
 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: VulDB
Published: 2025-09-21T02:32:06.125Z
Updated: 2025-09-22T14:10:36.828Z
Reserved: 2025-09-20T07:05:08.666Z
Link: CVE-2025-10760
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-09-22T14:10:12.167Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2025-09-21T03:15:34.600
Modified: 2025-09-22T21:23:01.543
Link: CVE-2025-10760
 Redhat
                        Redhat
                    No data.