The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to send requests on behalf of Spinnaker potentially leading to sensitive data disclosure.
CPE | Name | Operator | Version |
---|---|---|---|
com.netflix.spinnaker.orca:orca-core | lt | 8.7.0 |