Lucene search
GitHub Advisory DatabaseGHSA-4FCW-PQ4R-F4Q7HistoryMay 07, 2021 - 3:54 p.m.
Server-Side Request Forgery in Spinnaker Orca
2021-05-0715:54:31
CWE-918
GitHub Advisory Database
github.com
33
0.002 Low
EPSS
Percentile
53.7%
The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to send requests on behalf of Spinnaker potentially leading to sensitive data disclosure.
| CPE | Name | Operator | Version |
|---|---|---|---|
| com.netflix.spinnaker.orca:orca-core | lt | 8.7.0 |
Related
cve
cve
CVE-2020-9298
2020-08-28 15:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1942
2021-07-02 17:39:11
prion
prion
Server side request forgery (ssrf)
2020-08-28 15:15:00
osv
osv
Server-Side Request Forgery in Spinnaker Orca
2021-05-07 15:54:31
CVE-2020-9298
2020-08-28 15:15:12
alpinelinux
alpinelinux
CVE-2020-9298
2020-08-28 15:15:00
cvelist
cvelist
CVE-2020-9298
2020-08-28 14:45:54