Lucene search
K

5 matches found

Snyk
Snyk
added 2026/07/07 3:26 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the OIDC discovery process. An attacker can cause the service to follow malicious redirects, leading to server-side request forgery and potential exposure of Kubernetes service-account tokens by...

8.2CVSS6.1AI score
Exploits0References3
Snyk
Snyk
added 2026/07/02 10:18 p.m.6 views

Origin Validation Error

Overview Affected versions of this package are vulnerable to Origin Validation Error in the OIDC discovery process when the X-Forwarded-Host header is not validated and no allowed-hosts list is configured. An attacker can manipulate the issuer and JWKS URI in the discovery document by supplying a...

8.2CVSS6AI score0.00246EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.16 views

PT-2026-55297

Name of the Vulnerable Software and Affected Versions Dapr affected versions not specified Description Dapr Sentry's OIDC discovery endpoint /.well-known/openid-configuration derives the issuer and jwks uri from the request Host. When no allowed-hosts list is configured, the system honors an...

8.2CVSS6AI score0.00246EPSS
Exploits0References8
OSV
OSV
added 2026/06/30 6:38 p.m.8 views

GHSA-F5MR-Q85P-6HH6 Fulcio has OIDC Discovery Redirect Following Allows SSRF and JWKS Substitution for Meta-Issuer Paths, with Kubernetes Service-Account Token Leakage

Impact Three security vulnerabilities were identified in the OIDC Discovery client: 1. Blind Server-Side Request Forgery SSRF via Cross-Host Redirects: Fulcio uses an HTTP client to fetch OIDC discovery metadata /.well-known/openid-configuration. Prior to this fix, if a configured issuer returned...

8.7CVSS5.5AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54443

Name of the Vulnerable Software and Affected Versions Fulcio versions prior to 1.8.6 Description Three security issues were identified in the OIDC Discovery client. First, a blind Server-Side Request Forgery SSRF occurs because the HTTP client used to fetch OIDC discovery metadata from the...

8.7CVSS5.8AI score
Exploits0References5
Rows per page
Query Builder