Description
Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.5, Fulcio's metaRegex() function uses unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services. Since the SSRF can only trigger GET requests, the request cannot mutate state. The response from the GET request is not returned to the caller, so data exfiltration is not possible. A malicious actor could attempt to probe an internal network through Blind SSRF. This vulnerability is fixed in 1.8.5.
Published: 2026-01-12
Score: 5.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server‑Side Request Forgery (GET only, blind)
Action: Patch
AI Analysis

Impact

The vulnerability lies in Fulcio’s metaRegex() function, which uses unanchored regular expression matching to validate MetaIssuer URLs. Because the pattern is not anchored to the start and end of the string, an attacker can craft a MetaIssuer URL that merely contains the permitted pattern as a substring, passing the check and causing the server to perform a GET request to an address of the attacker's choosing, including internal ones. Because the HTTP method is limited to GET and the response is discarded, the attacker cannot alter state or exfiltrate data directly. However, blind SSRF can still be used to probe internal services and discover their presence, increasing the risk of future attacks. The weakness is identified as CWE‑918.
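The bug class described above, as an added illustration that is not Fulcio's own code: issuerPattern is a made-up allow-pattern (not the real metaRegex() expression), VulnerableCheck and FixedCheck are hypothetical names, and the sample URLs are constructed. It shows why a substring match passes URLs that only embed the permitted issuer, and how anchoring plus a parsed host pin rejects them.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
)

// Illustrative allow-pattern for a MetaIssuer URL. It is a made-up pattern for
// this example, not the expression Fulcio's metaRegex() actually uses.
const issuerPattern = `https://oidc\.example\.com/tenants/[a-z0-9-]+`

var (
	unanchored = regexp.MustCompile(issuerPattern)
	anchored   = regexp.MustCompile(`^` + issuerPattern + `$`)
)

// VulnerableCheck shows the bug class from the advisory: without ^ and $ the
// match succeeds whenever the pattern occurs anywhere inside the candidate.
func VulnerableCheck(candidate string) bool {
	return unanchored.MatchString(candidate)
}

// FixedCheck anchors the pattern so the whole URL must match it, then also
// parses the URL and pins scheme and host, so a future regex slip alone cannot
// widen the set of hosts the server is willing to contact.
func FixedCheck(candidate string) bool {
	if !anchored.MatchString(candidate) {
		return false
	}
	u, err := url.Parse(candidate)
	if err != nil {
		return false
	}
	return u.Scheme == "https" && u.Host == "oidc.example.com" && u.User == nil
}

func main() {
	// Constructed sample inputs: one in-scope issuer URL and two URLs that
	// merely contain the permitted issuer as a substring (prefix and suffix).
	samples := []string{
		"https://oidc.example.com/tenants/acme",
		"https://other.example.org/?next=https://oidc.example.com/tenants/acme",
		"https://oidc.example.com/tenants/acme.other.example.org",
	}
	for _, s := range samples {
		fmt.Printf("%-72s unanchored=%-5v anchored=%v\n", s, VulnerableCheck(s), FixedCheck(s))
	}
}
```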

Affected Systems

The flaw affects all installations of sigstore:fulcio running any version before 1.8.5. No approved workaround is listed, and the official fix is to upgrade to version 1.8.5 or later.

Risk and Exploitability

The CVSS score of 5.8 indicates moderate severity, and the EPSS score of less than 1% suggests exploitation is currently unlikely. The vulnerability is not listed in the CISA KEV catalogue, reducing the urgency for immediate action. Nevertheless, because it permits internal network discovery, administrators should treat the flaw as a potential precursor to more serious attacks and consider both patching and network containment measures.

Generated by OpenCVE AI on April 18, 2026 at 16:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Sigstore Fulcio to version 1.8.5 or later to eliminate the SSRF issue.
  • Deploy intrusion detection rules to flag outbound GET requests from Fulcio to internal IP ranges and alert for suspicious activity.
  • Implement firewall or network segmentation controls to restrict Fulcio’s ability to initiate requests to internal services unless explicitly allowed.

Tracking

Advisories
Source      | ID                  | Title
Github GHSA | GHSA-59jp-pj84-45mr | Fulcio is vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass
History

Thu, 05 Mar 2026 14:00:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Linuxfoundation; Linuxfoundation fulcio
CPEs                |                | cpe:2.3:a:linuxfoundation:fulcio:*:*:*:*:*:*:*:*
Vendors & Products  |                | Linuxfoundation; Linuxfoundation fulcio

Fri, 23 Jan 2026 00:15:00 +0000

Type       | Values Removed        | Values Added
References |                       |
Metrics    | threat_severity: None | threat_severity: Moderate


Tue, 13 Jan 2026 09:30:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Sigstore; Sigstore fulcio
Vendors & Products  |                | Sigstore; Sigstore fulcio

Mon, 12 Jan 2026 22:15:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 12 Jan 2026 21:15:00 +0000

Type        | Values Removed | Values Added
Description |                | Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.5, Fulcio's metaRegex() function uses unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services. Since the SSRF only can trigger GET requests, the request cannot mutate state. The response from the GET request is not returned to the caller so data exfiltration is not possible. A malicious actor could attempt to probe an internal network through Blind SSRF. This vulnerability is fixed in 1.8.5.
Title       |                | Fulcio vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass
Weaknesses  |                | CWE-918
References  |                |
Metrics     |                | cvssV3_1: {'score': 5.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N'}


Subscriptions

Linuxfoundation Fulcio
Sigstore Fulcio
MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-12T21:17:31.478Z

Reserved: 2026-01-09T18:27:19.387Z

Link: CVE-2026-22772

Vulnrichment

Updated: 2026-01-12T21:17:14.304Z

NVD

Status: Analyzed

Published: 2026-01-12T21:15:59.457

Modified: 2026-03-05T13:48:17.443

Link: CVE-2026-22772

Redhat

Severity: Moderate

Public Date: 2026-01-12T20:58:53Z

Links: CVE-2026-22772 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-18T16:30:05Z

Weaknesses