Lucene search
K

SUSE CVE-2025-52477

🗓️ 06 Aug 2025 02:53:26Reported by Suse CVEType 
susecve
 susecve
🔗 www.suse.com👁 3 Views

Octo-STS before v0.5.3 is vulnerable to unauthenticated SSRF via OpenID Connect tokens; upgrade to v0.5.3 to sanitize input and redact logs.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
Chainguard
CVE-2025-52477 vulnerabilities
30 Jun 202519:16
cgr
Circl
CVE-2025-52477
26 Jun 202517:51
circl
CNNVD
octo-sts 代码问题漏洞
26 Jun 202500:00
cnnvd
CVE
CVE-2025-52477
26 Jun 202516:46
cve
Cvelist
CVE-2025-52477 Octo-STS Vulnerable to Unauthenticated SSRF with HTTP Response Reflection in OIDC Flow
26 Jun 202516:46
cvelist
EUVD
EUVD-2025-19216
3 Oct 202520:07
euvd
Github Security Blog
Octo STS Unauthenticated SSRF by abusing fields in OpenID Connect tokens
26 Jun 202518:53
github
NVD
CVE-2025-52477
26 Jun 202517:15
nvd
OSV
CGA-R6MM-WMG3-7MRR
30 Jun 202516:38
osv
OSV
CGA-W4GX-3PPV-4XX2
29 Jan 202600:49
osv
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
OpenSUSE Tumbleweedanygovulncheck-vulndb0.0.20250730T213748-1.1govulncheck-vulndb-0.0.20250730T213748-1.1.noarch.rpm
SUSE Linux Enterprise Server16.0anygovulncheck-vulndb0.0.20250814T182633-160000.1.2govulncheck-vulndb-0.0.20250814T182633-160000.1.2.noarch.rpm

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

20 Mar 2026 10:12Current
6.9Medium risk
Vulners AI Score6.9
CVSS 3.18.6
EPSS0.0041
SSVC
3