10 matches found
SUSE CVE-2025-25208
A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster...
Red Hat Connectivity Link Resource Management Error Vulnerability
Red Hat Connectivity Link is a Kubernetes network connectivity management platform from Red Hat, USA. Red Hat Connectivity Link has a resource management error vulnerability that can be exploited by an attacker to cause the Authorino service to crash...
GHSA-R8XR-PGV5-GXW3 Authorino Uncontrolled Resource Consumption vulnerability
The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...
CVE-2025-25208
A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster...
CVE-2025-25208
CVE-2025-25208 affects the Authorino project (github.com/kuadrant/authorino) and is described as an uncontrolled resource consumption denial of service through an authpolicy with sharedsecretref, per multiple connected entries (e.g., CVE list/circl). The core impact is that a malicious/developer ...
CVE-2025-25208 Rhcl: authorino denial of service through authpolicy with sharedsecretref severity
A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster...
CVE-2025-25207 Rhcl: authpolicy callbacks result in denial of service in authorino severity
The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...
CVE-2025-25207
The CVE concerns Authorino in Red Hat Connectivity Link. A developer-persona attacker can flood the service with post‑authorization callbacks, and since policy enforcement is handled by a single Authorino instance, this leads to Denial of Service during post‑authorization callback processing. Doc...
Red Hat Connectivity Link 资源管理错误漏洞
Red Hat Connectivity Link is a Kubernetes network connectivity management platform from Red Hat, USA. Red Hat Connectivity Link has a resource management error vulnerability that can be exploited by an attacker to cause the Authorino service to crash...
PT-2025-24399
Name of the Vulnerable Software and Affected Versions Red Hat Connectivity Link affected versions not specified Description The issue concerns the Authorino service in the Red Hat Connectivity Link, which is responsible for zero trust API security. It allows users with a developer persona to add...