5 matches found
CVE-2026-32727
SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.7, the Enforcer is vulnerable to a path traversal attack where an attacker can use dot-dot .. in the scope claim of a token to escape the intended directory restriction. This occurs because the library...
CVE-2026-32727 SciTokens: Authorization Bypass via Path Traversal in Scope Validation
SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.7, the Enforcer is vulnerable to a path traversal attack where an attacker can use dot-dot .. in the scope claim of a token to escape the intended directory restriction. This occurs because the library...
CVE-2026-32727
CVE-2026-32727 concerns SciTokens: prior to version 1.9.7, the Enforcer is vulnerable to a path traversal attack via a token scope claim containing dot-dot (..). The issue arises from normalization of both the authorized path and the requested path, then comparing with startswith. Affected: SciTo...
CVE-2026-32716
SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validates scope paths by using a simple prefix match startswith. This allows a token with access to a specific path e.g., /john to also access sibling paths that start with the sa...
CVE-2026-32714 SciTokens vulnerable to SQL Injection in KeyCache
SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the KeyCache class in scitokens was vulnerable to SQL Injection because it used Python's str.format to construct SQL queries with user-supplied data such as issuer and keyid. This allowed an attacker to...