Server-Side Request Forgery in Spinnaker Orca

🗓️ 07 May 2021 15:31:54Reported by GitHub Advisory DatabaseType

Spinnaker Orca SSRF vulnerabilit

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
CVE	CVE-2020-9298	28 Aug 202015:15	–	cve
OSV	GHSA-4FCW-PQ4R-F4Q7 Server-Side Request Forgery in Spinnaker Orca	7 May 202115:54	–	osv
OSV	CVE-2020-9298	28 Aug 202015:15	–	osv
AlpineLinux	CVE-2020-9298	28 Aug 202015:15	–	alpinelinux
Rosalinux	Advisory ROSA-SA-2021-1942	2 Jul 202117:39	–	rosalinux
Prion	Server side request forgery (ssrf)	28 Aug 202015:15	–	prion
Cvelist	CVE-2020-9298	28 Aug 202014:45	–	cvelist
NVD	CVE-2020-9298	28 Aug 202015:15	–	nvd

Vulners

Node

com.netflix.spinnaker.orca orca-coreRange<8.7.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-9298
github	www.github.com/spinnaker/orca/pull/3706/commits/4f3c07da8fcacd67bb1984aef11b2066f2c0d11c
github	www.github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-003.md
github	www.github.com/spinnaker/orca/releases/tag/v8.7.0
github	www.github.com/advisories/GHSA-4fcw-pq4r-f4q7

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

07 May 2021 15:54Current

7.2High risk

Vulners AI Score7.2

CVSS25

CVSS37.5

EPSS0.00347

CWE-918