Repomix
Monthly
Server-side request forgery in Repomix's hosted API (POST /api/pack) lets unauthenticated remote attackers coerce the server into making arbitrary outbound requests. Because the endpoint passes user-supplied URLs to git clone without validating the http://, https://, or file:// schemes, an attacker can reach internal-only network addresses, cloud metadata endpoints (e.g. GCP), and read local filesystem paths. VulnCheck reported the flaw and a vendor fix exists; no public exploit is identified at time of analysis.
Server-side request forgery in Repomix's hosted API (POST /api/pack) lets unauthenticated remote attackers coerce the server into making arbitrary outbound requests. Because the endpoint passes user-supplied URLs to git clone without validating the http://, https://, or file:// schemes, an attacker can reach internal-only network addresses, cloud metadata endpoints (e.g. GCP), and read local filesystem paths. VulnCheck reported the flaw and a vendor fix exists; no public exploit is identified at time of analysis.