Описание
Server-Side Request Forgery in Spinnaker Orca
The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to send requests on behalf of Spinnaker potentially leading to sensitive data disclosure.
Пакеты
Наименование
com.netflix.spinnaker.orca:orca-core
maven
Затронутые версииВерсия исправления
< 8.7.0
8.7.0
Связанные уязвимости
CVSS3: 7.5
nvd
больше 5 лет назад
The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to send requests on behalf of Spinnaker potentially leading to sensitive data disclosure.