3 matches found
CVE-2026-14336
PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith' https://ci.eclipse.org ' in isissuerknown, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...
CVE-2025-62513 OpenBao leaks HTTPRawBody in Audit Logs
OpenBao is an open source identity-based secrets management system. In versions 2.2.0 to 2.4.1, OpenBao's audit log experienced a regression wherein raw HTTP bodies used by few endpoints were not correctly redacted HMAC'd. This impacts those using the ACME functionality of PKI, resulting in...
Red Hat 3scale Security Vulnerability
Red Hat 3scale is a suite of API Application Programming Interface lifecycle management software from Red Hat. A security vulnerability exists in Red Hat 3Scale that stems from an incompatibility between the use3scaleoidcissuerendpoint of the token introspection policy and RH-SSO 7.5 or later...