
Fixes #39479 - CVE-2026-5142: Cross-tenant private SSH key disclosure #11068

Merged
ogajduse merged 1 commit into theforeman:3.19-stable from ogajduse:cve-2026-5142/3.19-stable
Jul 1, 2026

Conversation

@ogajduse (Member) commented Jul 1, 2026

CVE-2026-5142

Cross-tenant private SSH key disclosure via taxonomy scoping bypass.

The KeyPairsController#show action is excluded from the find_compute_resource callback that enforces taxonomy scoping. An authenticated user with view_keypairs permission can download the full PEM private key of any compute resource by database ID, bypassing organization and location boundaries.
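The defect class described in the PR text, illustrated with an added, self-contained Ruby script that is not Foreman's code: the `ComputeResource` struct, the in-memory `DB` rows (constructed sample values, including the placeholder key strings), the `ToyController` callback mechanism and both controller classes are assumptions made here to show why a scoped finder that is registered with `except: [:show]` leaves the action that returns the most sensitive material without the tenancy check, and what the hardened shape looks like.

```ruby
# Added illustration of the taxonomy-scoping gap described in this PR.
# NOT Foreman's code: the Struct, the in-memory "database", the toy controller
# and its before_action mechanism are all constructed for this example. Only the
# pattern (a scoped finder that must cover every action, `show` included)
# mirrors the description above.

ComputeResource = Struct.new(:id, :organization, :private_key)

# Constructed sample rows standing in for a compute_resources table.
# The key bodies are placeholders, not real PEM material.
DB = [
  ComputeResource.new(1, "org-a", "-----BEGIN PRIVATE KEY----- (org-a sample) -----END PRIVATE KEY-----"),
  ComputeResource.new(2, "org-b", "-----BEGIN PRIVATE KEY----- (org-b sample) -----END PRIVATE KEY-----"),
]

class NotFound < StandardError; end

# Minimal stand-in for a Rails-style controller with before_action support,
# just enough to show the effect of an `except:` clause on a scoped finder.
class ToyController
  def self.before_action(name, except: [])
    @callbacks ||= []
    @callbacks << [name, Array(except)]
  end

  def self.callbacks
    @callbacks || []
  end

  def initialize(user_org)
    @user_org = user_org # organization the requesting user belongs to (assumed single-org user)
    @params = {}
  end

  # Run the registered callbacks that apply to this action, then the action itself.
  def dispatch(action, params)
    @params = params
    self.class.callbacks.each do |name, except|
      send(name) unless except.include?(action)
    end
    send(action)
  end
end

# Vulnerable shape: the scoped lookup is skipped for `show`, so `show` falls back
# to an unscoped lookup by database id and ignores the caller's organization.
class UnscopedKeyPairsController < ToyController
  before_action :find_compute_resource, except: [:show]

  def find_compute_resource
    @compute_resource = DB.find { |cr| cr.id == @params[:id] && cr.organization == @user_org }
    raise NotFound unless @compute_resource
  end

  def show
    @compute_resource ||= DB.find { |cr| cr.id == @params[:id] } # unscoped by tenancy
    raise NotFound unless @compute_resource
    @compute_resource.private_key
  end
end

# Hardened shape: the scoped finder runs before every action, `show` included,
# so an id that belongs to another organization is treated as not found.
class ScopedKeyPairsController < ToyController
  before_action :find_compute_resource

  def find_compute_resource
    @compute_resource = DB.find { |cr| cr.id == @params[:id] && cr.organization == @user_org }
    raise NotFound unless @compute_resource
  end

  def show
    @compute_resource.private_key
  end
end

# Returns the key material for an in-scope id, or :denied when the scoping
# check refuses the request (or the id does not exist at all).
def fetch_key(controller_class, user_org, id)
  controller_class.new(user_org).dispatch(:show, id: id)
rescue NotFound
  :denied
end

if __FILE__ == $0
  puts "scoped, own tenant:   #{fetch_key(ScopedKeyPairsController, 'org-a', 1) == :denied ? 'denied' : 'served'}"
  puts "scoped, other tenant: #{fetch_key(ScopedKeyPairsController, 'org-a', 2)}"
end
```

The point of the comparison is that a not-found result and a cross-tenant request look identical to the caller in the hardened form, which is what taxonomy scoping is meant to guarantee; a regression test that requests an id from another organization and expects a 404-style outcome is the cheapest way to keep a future `except:` clause from reintroducing the gap.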

pr-processor (bot) added the labels "Not yet reviewed" and "Stable branch" (PRs that are opened against a stable branch; usually a cherry pick) on Jul 1, 2026
ogajduse force-pushed the cve-2026-5142/3.19-stable branch from 02f6b48 to 89e8575 on July 1, 2026 16:09
ogajduse merged commit 551df23 into theforeman:3.19-stable on Jul 1, 2026
22 of 23 checks passed
ogajduse deleted the cve-2026-5142/3.19-stable branch on July 1, 2026 16:45