2 matches found
GHSA-MGQ6-4X29-88R3 Portainer's Kubernetes middleware continues after token validation failure, bypassing endpoint authorization
Summary Portainer proxies requests to Kubernetes clusters through a middleware layer kubeClientMiddleware that validates the requesting user's token before forwarding traffic to the cluster. When security.RetrieveTokenData returned an error, the middleware wrote an HTTP 403 response but was missi...
GHSA-VWQ2-JX9Q-9H9F Soft Serve is vulnerable to SSRF through its Webhooks
SUMMARY We have identified and verified an SSRF vulnerability where webhook URLs are not validated, allowing repository administrators to create webhooks targeting internal services, private networks, and cloud metadata endpoints. AFFECTED COMPONENTS VERIFIED 1. Webhook Creation...