2 matches found
GHSA-QQCJ-RGHW-829X Unity Catalog has a JWT Issuer Validation Bypass tht Allows Complete User Impersonation
Context: A critical authentication bypass vulnerability exists in the Unity Catalog token exchange endpoint /api/1.0/unity-control/auth/tokens. The endpoint extracts the issuer iss claim from incoming JWTs and uses it to dynamically fetch the JWKS endpoint for signature validation without...
CVE-2026-27478
CVE-2026-27478 relates to Unity Catalog (0.4.0 and earlier). The vulnerability is a critical authentication bypass in the token exchange endpoint at /api/1.0/unity-control/auth/tokens, where the issuer (iss) claim from incoming JWTs is used to dynamically fetch the JWKS endpoint for signature val...