Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/07/04 11:24 a.m.7 views

CVE-2025-46647

A vulnerability of plugin openid-connect in Apache APISIX. This vulnerability will only have an impact if all of the following conditions are met: 1. Use the openid-connect plugin with introspection mode 2. The auth service connected to openid-connect provides services to multiple issuers 3...

5.3CVSS6.4AI score0.00412EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/07/02 11:8 a.m.4 views

CVE-2025-46647 Apache APISIX: improper validation of issuer from introspection discovery url in plugin openid-connect

A vulnerability of plugin openid-connect in Apache APISIX. This vulnerability will only have an impact if all of the following conditions are met: 1. Use the openid-connect plugin with introspection mode 2. The auth service connected to openid-connect provides services to multiple issuers 3...

7.2AI score0.00412EPSS
Exploits0References1
osv
osv
added 2025/07/02 11:8 a.m.6 views

CVE-2025-46647 Apache APISIX: improper validation of issuer from introspection discovery url in plugin openid-connect

A vulnerability of plugin openid-connect in Apache APISIX. This vulnerability will only have an impact if all of the following conditions are met: 1. Use the openid-connect plugin with introspection mode 2. The auth service connected to openid-connect provides services to multiple issuers 3...

5.3CVSS6.2AI score0.00412EPSS
Exploits0References4
circl
circl
added 2025/07/02 11:4 a.m.10 views

CVE-2025-46647

creationtimestamp| type| source ---|---|--- 2025-07-02 11:04:26+00:00| seen| https://seclists.org/oss-sec/2025/q3/2 2025-07-02 13:27:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsycvsiflh2r 2025-07-02 13:30:55+00:00| seen|...

5.3CVSS4.8AI score0.00412EPSS
Exploits0References6
Rows per page
Query Builder