2 matches found
CVE-2021-27098
SPIRE contains an authorization bypass vulnerability in the Legacy Node API FetchX509SVID path. Specifically, before versions 0.8.5, and prior to 0.9.4, 0.10.2, 0.11.3, and 0.12.1, specially crafted requests could cause the server to issue an X.509 certificate with a URI SAN for a SPIFFE ID that ...
CVE-2021-27099
SPIRE vulnerability CVE-2021-27099 affects earlier SPIRE releases (before 0.11.3 and 0.12.1) where the aws_iid Node Attestor’s agent ID templating path could be improperly normalized. If an attacker controls an EC2 tag value and templating is configured with this tag as the last path element, it ...