GHSA-4c4x-jm2x-pf9j: Rekor affected by Server-Side Request Forgery (SSRF) via provided public key URL

Summary

/api/v1/index/retrieve supports retrieving a public key via a user-provided URL, allowing attackers to trigger SSRF to arbitrary internal services.

Since the SSRF can only trigger GET requests, the request cannot mutate state. The response from the GET request is not returned to the caller, so data exfiltration is not possible. A malicious actor could attempt to probe an internal network through blind SSRF.

Impact

  • SSRF to cloud metadata (169.254.169.254)
  • SSRF to internal Kubernetes APIs
  • SSRF to any service accessible from Fulcio’s network

Patches

Upgrade to v1.5.0. Note that this is a breaking change to the search API and fully disables lookups by URL. If you require this feature, please reach out and we can discuss alternatives.

Workarounds

Disable the search endpoint with --enable_retrieve_api=false.
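The fixed release removes URL lookups entirely rather than trying to filter them, and the Go example below (added here; it is not Rekor's code, and the names `ValidateKeyURL`, `isPublicIP`, `dialGuard` and `NewGuardedClient` are assumptions) shows why that is the conservative choice: a fetch of a user-supplied URL needs an allow-list before the request (HTTPS only, no userinfo, default port, every resolved address public), a second check inside the dialer so a DNS answer that changes between validation and connect cannot reach a private address, and redirects disabled so a public host cannot bounce the request to 169.254.169.254 or an internal service. The resolver table and URLs in `main` are constructed so the program runs offline.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/http"
	"net/url"
	"syscall"
	"time"
)

// ErrDisallowedURL is returned for any user-supplied URL that must not be fetched.
var ErrDisallowedURL = errors.New("public key URL rejected: not a public HTTPS endpoint")

// Resolver abstracts DNS so the check can be exercised with a fixed table (assumed type).
type Resolver func(host string) ([]net.IP, error)

// isPublicIP rejects loopback, link-local (which includes the 169.254.169.254
// metadata address), RFC 1918 private space, unspecified, multicast and
// carrier-grade NAT. IPv4-mapped IPv6 forms are covered because net.IP's
// helpers call To4 internally.
func isPublicIP(ip net.IP) bool {
	if ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() ||
		ip.IsPrivate() || ip.IsUnspecified() || ip.IsMulticast() ||
		ip.IsInterfaceLocalMulticast() {
		return false
	}
	if v4 := ip.To4(); v4 != nil && v4[0] == 100 && v4[1]&0xC0 == 64 {
		return false // 100.64.0.0/10
	}
	return true
}

// ValidateKeyURL applies the allow-list before any request is made. A name
// that resolves to one public and one private address is rejected as a whole.
func ValidateKeyURL(raw string, resolve Resolver) (*url.URL, error) {
	u, err := url.Parse(raw)
	if err != nil || u.Scheme != "https" || u.User != nil {
		return nil, ErrDisallowedURL
	}
	host := u.Hostname()
	if host == "" || (u.Port() != "" && u.Port() != "443") {
		return nil, ErrDisallowedURL
	}
	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil {
		ips = []net.IP{ip}
	} else {
		ips, err = resolve(host)
		if err != nil || len(ips) == 0 {
			return nil, ErrDisallowedURL
		}
	}
	for _, ip := range ips {
		if !isPublicIP(ip) {
			return nil, ErrDisallowedURL
		}
	}
	return u, nil
}

// dialGuard runs inside the dialer after the real DNS answer is known and
// immediately before connect, so DNS rebinding after ValidateKeyURL is still blocked.
func dialGuard(network, address string, _ syscall.RawConn) error {
	host, _, err := net.SplitHostPort(address)
	if err != nil {
		return err
	}
	if ip := net.ParseIP(host); ip == nil || !isPublicIP(ip) {
		return fmt.Errorf("dial to %s blocked: %w", address, ErrDisallowedURL)
	}
	return nil
}

// NewGuardedClient enforces dialGuard on every connection, never follows
// redirects, and bounds the request time so the endpoint cannot be used to
// tie up server resources against slow internal hosts.
func NewGuardedClient() *http.Client {
	dialer := &net.Dialer{Timeout: 5 * time.Second, Control: dialGuard}
	return &http.Client{
		Timeout:   10 * time.Second,
		Transport: &http.Transport{DialContext: dialer.DialContext},
		CheckRedirect: func(*http.Request, []*http.Request) error {
			return http.ErrUseLastResponse
		},
	}
}

func main() {
	// Constructed resolver table: no network access is needed to run this.
	fixed := func(host string) ([]net.IP, error) {
		if host == "keys.example.com" {
			return []net.IP{net.ParseIP("203.0.113.10")}, nil
		}
		return nil, errors.New("no such host")
	}
	for _, raw := range []string{
		"https://keys.example.com/rekor.pub",
		"https://169.254.169.254/latest/meta-data/",
		"http://keys.example.com/rekor.pub",
	} {
		_, err := ValidateKeyURL(raw, fixed)
		fmt.Printf("%-45s -> %v\n", raw, err)
	}
	_ = NewGuardedClient() // used for the fetch once a URL has passed validation
}
```

Even with all three layers, the fetched host still has to be trusted not to proxy onward, and any service the Rekor instance can reach that is exposed on a public address stays reachable; that residual exposure is the reason disabling the endpoint (the workaround above) or upgrading to the release that removes URL lookups is the safer operational choice.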

CVE ID

CVE-2026-24117 (GitHub Advisory Database, GitHub Reviewed)

Moderate severity GitHub Reviewed Published Jan 22, 2026 in sigstore/rekor • Updated Jan 22, 2026

Package

gomod github.com/sigstore/rekor (Go)

Affected versions

<= 1.4.3

References

  • GHSA-4c4x-jm2x-pf9j
  • sigstore/rekor@60ef2bc
  • https://github.com/sigstore/rekor/releases/tag/v1.5.0

Published to the GitHub Advisory Database

Jan 22, 2026

Last updated

Jan 22, 2026
