You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This task includes issues in the following code repository:
permify:
pkg/schema/loader.go at line 123
internal/authn/oidc/authn.go at line 369
TLDR
If an attacker can control the URL input leading into this http request, the attack might be able to perform an SSRF attack. This kind of attack is even more dangerous is the application returns the result of the URL fetch to the user. It can serve as an initial access point for an attacker for stealing credentials in the cloud.
How to fix
If possible, only allow requests to verified domains. If not, consult the article linked above to learn about other mitigating techniques such as disabling redirects, blocking private IPs and making sure private services have internal authentication. If you return data coming from the request to the user, validate the data before returning it to make sure you don't return random data.
The text was updated successfully, but these errors were encountered:
Find more live information in Aikido here: https://app.aikido.dev/queue?sidebarIssue=4226129&groupId=6798&sidebarIssueTask=572877&sidebarTab=tasks
Scope
This task includes issues in the following code repository:
pkg/schema/loader.go at line 123
internal/authn/oidc/authn.go at line 369
TLDR
If an attacker can control the URL input leading into this http request, the attack might be able to perform an SSRF attack. This kind of attack is even more dangerous is the application returns the result of the URL fetch to the user. It can serve as an initial access point for an attacker for stealing credentials in the cloud.
How to fix
If possible, only allow requests to verified domains. If not, consult the article linked above to learn about other mitigating techniques such as disabling redirects, blocking private IPs and making sure private services have internal authentication. If you return data coming from the request to the user, validate the data before returning it to make sure you don't return random data.
The text was updated successfully, but these errors were encountered: