CVE-2020-9298

Summary

The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to send requests on behalf of Spinnaker potentially leading to sensitive data disclosure.

Affected Software

VendorProductVersion RangeStatus
n/aNetflix Orca SpinnakerAll versions prior to version v8.7.0affected

Weaknesses

  • Server-Side Request Forgery

ADP Enrichment

CVE Program Container

Additional References

References