Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2025/07/04 2:40 p.m.3 views

SUSE CVE-2025-25208

A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster...

5.7CVSS7AI score0.00288EPSS
Exploits0References2
CNVD
CNVD
added 2025/06/23 12:0 a.m.1 views

Red Hat Connectivity Link Resource Management Error Vulnerability

Red Hat Connectivity Link is a Kubernetes network connectivity management platform from Red Hat, USA. Red Hat Connectivity Link has a resource management error vulnerability that can be exploited by an attacker to cause the Authorino service to crash...

5.7CVSS7AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2025/06/09 6:30 a.m.24 views

GHSA-R8XR-PGV5-GXW3 Authorino Uncontrolled Resource Consumption vulnerability

The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...

5.7CVSS7.2AI score0.00278EPSS
Exploits0References4
NVD
NVD
added 2025/06/09 6:15 a.m.10 views

CVE-2025-25208

A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster...

5.7CVSS0.00288EPSS
Exploits0References2
CVE
CVE
added 2025/06/09 6:13 a.m.65 views

CVE-2025-25208

CVE-2025-25208 affects the Authorino project (github.com/kuadrant/authorino) and is described as an uncontrolled resource consumption denial of service through an authpolicy with sharedsecretref, per multiple connected entries (e.g., CVE list/circl). The core impact is that a malicious/developer ...

5.7CVSS5.6AI score0.00288EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/09 6:13 a.m.12 views

CVE-2025-25208 Rhcl: authorino denial of service through authpolicy with sharedsecretref severity

A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster...

5.7CVSS0.00288EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/09 6:12 a.m.32 views

CVE-2025-25207 Rhcl: authpolicy callbacks result in denial of service in authorino severity

The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...

5.7CVSS0.00278EPSS
Exploits0References2
CVE
CVE
added 2025/06/09 6:12 a.m.72 views

CVE-2025-25207

The CVE concerns Authorino in Red Hat Connectivity Link. A developer-persona attacker can flood the service with post‑authorization callbacks, and since policy enforcement is handled by a single Authorino instance, this leads to Denial of Service during post‑authorization callback processing. Doc...

5.7CVSS5.7AI score0.00278EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/09 12:0 a.m.5 views

Red Hat Connectivity Link 资源管理错误漏洞

Red Hat Connectivity Link is a Kubernetes network connectivity management platform from Red Hat, USA. Red Hat Connectivity Link has a resource management error vulnerability that can be exploited by an attacker to cause the Authorino service to crash...

5.7CVSS6.8AI score0.00288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/09 12:0 a.m.4 views

PT-2025-24399

Name of the Vulnerable Software and Affected Versions Red Hat Connectivity Link affected versions not specified Description The issue concerns the Authorino service in the Red Hat Connectivity Link, which is responsible for zero trust API security. It allows users with a developer persona to add...

5.7CVSS5.9AI score0.00278EPSS
Exploits0References11
Rows per page
Query Builder