Rebuild <= 3.5.5 is vulnerable to server-side request forgery (SSRF) due to improper validation of the url
parameter in the readRawText
function of the HTTP Request Handler component. This vulnerability allows an attacker to make unauthorized requests to internal resources.
View the template here CVE-2024-1021.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-1021