Maven package
cc.tweaked/cc-tweaked-1.20.6-core
pkg:maven/cc.tweaked/cc-tweaked-1.20.6-core
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-47695 | hig | — | < 1.119.0 | 1.119.0 | May 29, 2026 | ### Summary CC-Tweaked's HTTP API (`http.request`, `http.websocket`) blocks requests to private network ranges to prevent server-side request forgery (SSRF). This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses (`64:ff9b::/96`). An atta |
- affected < 1.119.0fixed 1.119.0
### Summary CC-Tweaked's HTTP API (`http.request`, `http.websocket`) blocks requests to private network ranges to prevent server-side request forgery (SSRF). This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses (`64:ff9b::/96`). An atta