4 matches found
CVE-2025-46647
A vulnerability of plugin openid-connect in Apache APISIX. This vulnerability will only have an impact if all of the following conditions are met: 1. Use the openid-connect plugin with introspection mode 2. The auth service connected to openid-connect provides services to multiple issuers 3...
CVE-2025-46647 Apache APISIX: improper validation of issuer from introspection discovery url in plugin openid-connect
A vulnerability of plugin openid-connect in Apache APISIX. This vulnerability will only have an impact if all of the following conditions are met: 1. Use the openid-connect plugin with introspection mode 2. The auth service connected to openid-connect provides services to multiple issuers 3...
CVE-2025-46647 Apache APISIX: improper validation of issuer from introspection discovery url in plugin openid-connect
A vulnerability of plugin openid-connect in Apache APISIX. This vulnerability will only have an impact if all of the following conditions are met: 1. Use the openid-connect plugin with introspection mode 2. The auth service connected to openid-connect provides services to multiple issuers 3...
CVE-2025-46647
creationtimestamp| type| source ---|---|--- 2025-07-02 11:04:26+00:00| seen| https://seclists.org/oss-sec/2025/q3/2 2025-07-02 13:27:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsycvsiflh2r 2025-07-02 13:30:55+00:00| seen|...