5 matches found
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the OIDC discovery process. An attacker can cause the service to follow malicious redirects, leading to server-side request forgery and potential exposure of Kubernetes service-account tokens by...
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error in the OIDC discovery process when the X-Forwarded-Host header is not validated and no allowed-hosts list is configured. An attacker can manipulate the issuer and JWKS URI in the discovery document by supplying a...
PT-2026-55297
Name of the Vulnerable Software and Affected Versions Dapr affected versions not specified Description Dapr Sentry's OIDC discovery endpoint /.well-known/openid-configuration derives the issuer and jwks uri from the request Host. When no allowed-hosts list is configured, the system honors an...
GHSA-F5MR-Q85P-6HH6 Fulcio has OIDC Discovery Redirect Following Allows SSRF and JWKS Substitution for Meta-Issuer Paths, with Kubernetes Service-Account Token Leakage
Impact Three security vulnerabilities were identified in the OIDC Discovery client: 1. Blind Server-Side Request Forgery SSRF via Cross-Host Redirects: Fulcio uses an HTTP client to fetch OIDC discovery metadata /.well-known/openid-configuration. Prior to this fix, if a configured issuer returned...
PT-2026-54443
Name of the Vulnerable Software and Affected Versions Fulcio versions prior to 1.8.6 Description Three security issues were identified in the OIDC Discovery client. First, a blind Server-Side Request Forgery SSRF occurs because the HTTP client used to fetch OIDC discovery metadata from the...