fkie_cve-2025-52477
Vulnerability from fkie_nvd
Published
2025-06-26 17:15
Modified
2025-06-26 18:57
Severity ?
Summary
Octo-STS is a GitHub App that acts like a Security Token Service (STS) for the GitHub API. Octo-STS versions before v0.5.3 are vulnerable to unauthenticated SSRF by abusing fields in OpenID Connect tokens. Malicious tokens were shown to trigger internal network requests which could reflect error logs with sensitive information. Upgrade to v0.5.3 to resolve this issue. This version includes patch sets to sanitize input and redact logging.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Octo-STS is a GitHub App that acts like a Security Token Service (STS) for the GitHub API. Octo-STS versions before v0.5.3 are vulnerable to unauthenticated SSRF by abusing fields in OpenID Connect tokens. Malicious tokens were shown to trigger internal network requests which could reflect error logs with sensitive information. Upgrade to v0.5.3 to resolve this issue. This version includes patch sets to sanitize input and redact logging."
},
{
"lang": "es",
"value": "Octo-STS es una aplicaci\u00f3n de GitHub que funciona como un Servicio de Token de Seguridad (STS) para la API de GitHub. Las versiones de Octo-STS anteriores a la v0.5.3 son vulnerables a SSRF no autenticado al abusar de los campos de los tokens de OpenID Connect. Se ha demostrado que los tokens maliciosos activan solicitudes de red internas que podr\u00edan reflejar registros de errores con informaci\u00f3n confidencial. Actualice a la v0.5.3 para resolver este problema. Esta versi\u00f3n incluye conjuntos de parches para sanear la entrada y redactar los registros."
}
],
"id": "CVE-2025-52477",
"lastModified": "2025-06-26T18:57:43.670",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-06-26T17:15:30.897",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/octo-sts/app/commit/0f177fde54f9318e33f0bba6abaea9463a7c3afd"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/octo-sts/app/commit/b3976e39bd8c8c217c0670747d34a4499043da92"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/octo-sts/app/security/advisories/GHSA-h3qp-hwvr-9xcq"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/octo-sts/app/security/advisories/GHSA-h3qp-hwvr-9xcq"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…