GHSA-3mp7-vp6j-2mxxLowCVSS 3.1
BBOT: Server-Side Request Forgery (SSRF) in docker_pull module via WWW-Authenticate realm parsing
🔗 CVE IDs covered (1)
📋 Description
The docker_pull module uses the realm parameter from a Docker registry's WWW-Authenticate response header as the authentication endpoint without validation. An attacker in a man-in-the-middle position between bbot and a Docker registry could modify this header to redirect the authentication request to an arbitrary endpoint, potentially leaking authentication tokens.
🎯 Affected products1
- pip/bbot:>= 2.0.0, <= 2.8.4