3 matches found
AZL-70184 CVE-2025-59088 affecting package python-kdcproxy 0.4.2-5
If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could send a request f...
CVE-2025-59088
If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could send a request f...
PT-2025-46675
Name of the Vulnerable Software and Affected Versions kdcproxy affected versions not specified Description kdcproxy is susceptible to a server-side request forgery condition. When kdcproxy processes a request for a realm lacking defined server addresses in its configuration, it defaults to queryi...