CVE-2026-50194

Source
https://cve.org/CVERecord?id=CVE-2026-50194
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-50194.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-50194
Aliases
Published
2026-06-17T21:03:26.756Z
Modified
2026-07-08T08:05:47.574035801Z
Severity
  • 8.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N CVSS Calculator
Summary
Steeltoe vulnerable to management-port isolation bypass via spoofed Host header
Details

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. When Steeltoe management endpoints versions 3.2.2 through 3.3.0 and 4.1.0 are configured to listen on an alternate port (Management:Endpoints:Port is configured), the middleware responsible for restricting access to the endpoints uses the Host HTTP header rather than the actual network socket port. Versions 3.4.0 and 4.2.0 patch the issue. If an immediate upgrade to a patched version is not possible, add explicit ASP.NET Core authorization (RequireAuthorization) to all sensitive actuator endpoints as a defense-in-depth measure independent of port isolation and/or configure the reverse proxy or load balancer to enforce the Host header value and prevent clients from setting an arbitrary port.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/50xxx/CVE-2026-50194.json",
    "cwe_ids": [
        "CWE-288",
        "CWE-639"
    ],
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/steeltoeoss/steeltoe

Affected ranges

Type
GIT
Repo
https://github.com/steeltoeoss/steeltoe
Events
Database specific
{
    "source": [
        "DESCRIPTION",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "3.2.2"
        },
        {
            "fixed": "3.3.0"
        }
    ]
}

Affected versions

3.*
3.2.2
3.2.3
3.2.4
3.2.5
3.2.6
3.2.7
3.2.8
3.3.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-50194.json"