CVE-2026-14336 Overview
CVE-2026-14336 is a Server-Side Request Forgery (SSRF) vulnerability [CWE-918] in the Package Ingestion API (PIA) component used by Eclipse infrastructure. The flaw resides in the OpenID Connect (OIDC) issuer allowlist logic used to validate Jenkins tokens. The is_issuer_known function in pia/models.py:139 performs a bare string-prefix check using issuer.startswith('https://ci.eclipse.org') rather than validating the issuer as a host-bounded URL. An unauthenticated attacker can craft issuer values that satisfy the prefix check while pointing OIDC discovery and JSON Web Key Set (JWKS) fetches to attacker-controlled infrastructure.
Critical Impact
Unauthenticated attackers can force outbound HTTP(S) requests to arbitrary hosts and have oidc.verify_token accept JSON Web Tokens (JWTs) signed with attacker-controlled keys.
Affected Products
- Eclipse Package Ingestion API (PIA)
- PIA pia/models.py issuer validation module
- OIDC token verification workflow for Jenkins integration
Discovery Timeline
- 2026-07-02 - CVE-2026-14336 published to NVD
- 2026-07-02 - Last updated in NVD database
Technical Details for CVE-2026-14336
Vulnerability Analysis
The PIA service accepts SBOM uploads via the POST /v1/upload/sbom endpoint and authenticates callers using OIDC-signed JWTs issued by Jenkins. Before verifying a token, PIA checks the iss (issuer) claim against a known-issuer allowlist. The is_issuer_known implementation uses Python's string startswith method against the literal https://ci.eclipse.org.
String-prefix matching does not enforce URL host boundaries. An attacker can supply a URL whose scheme and prefix match the expected value, yet whose authority section resolves to an attacker-controlled server. PIA then performs OIDC discovery and JWKS retrieval against the attacker host, and subsequently trusts JWT signatures produced by the attacker's private key.
Root Cause
The root cause is improper input validation of a URL treated as a trusted identifier. The check compares raw bytes at the start of the string rather than parsing the URL and comparing the host component against an allowlist. This conflates lexical prefix equality with authority-level equality, a well-known SSRF anti-pattern captured under [CWE-918].
Attack Vector
Two issuer payload variants defeat the prefix check. The userinfo variant is https://ci.eclipse.org@evil.host, where ci.eclipse.org becomes the userinfo component and evil.host is the actual authority. The suffix variant is https://ci.eclipse.org.evil.host, where the trusted string becomes a subdomain label of the attacker-controlled parent domain.
An unauthenticated caller submits an SBOM to POST /v1/upload/sbom with a JWT whose iss claim contains one of these payloads. PIA fetches OIDC metadata and JWKS from the attacker host, retrieves the attacker's public key, and validates a forged JWT signed with the corresponding private key. This yields authentication bypass and coerced outbound requests to arbitrary internal or external hosts.
No verified exploit code is publicly available. See the Eclipse CVE Assignment Work Item for the upstream technical description.
Detection Methods for CVE-2026-14336
Indicators of Compromise
- Outbound HTTP(S) connections from PIA hosts to destinations other than ci.eclipse.org for OIDC discovery paths such as /.well-known/openid-configuration or JWKS endpoints.
- Requests to POST /v1/upload/sbom containing JWTs whose decoded iss claim includes @ characters or suffixes beyond ci.eclipse.org.
- DNS resolutions from PIA infrastructure for hostnames containing ci.eclipse.org as a subdomain label of an unrelated parent domain.
Detection Strategies
- Parse inbound JWT iss claims at the reverse proxy or Web Application Firewall (WAF) and reject values whose parsed host is not exactly ci.eclipse.org.
- Alert on any egress from PIA workloads to destinations outside a pinned allowlist of Eclipse Foundation infrastructure.
- Correlate /v1/upload/sbom requests with subsequent outbound TLS handshakes containing unexpected Server Name Indication (SNI) values.
Monitoring Recommendations
- Enable full request logging on the SBOM upload endpoint and retain decoded JWT headers and claims for retrospective analysis.
- Monitor egress firewall logs for HTTPS connections originating from PIA service accounts.
- Track anomalies in OIDC discovery request volume, which typically remains low and stable for a single trusted issuer.
How to Mitigate CVE-2026-14336
Immediate Actions Required
- Replace the startswith prefix check in pia/models.py:139 with URL parsing that compares the parsed host against an exact allowlist entry.
- Restrict egress from PIA workloads to only the Eclipse infrastructure hosts required for OIDC discovery and JWKS retrieval.
- Rotate any cached OIDC keys and audit historical SBOM uploads for JWTs bearing malformed iss claims.
Patch Information
Refer to the Eclipse CVE Assignment Work Item for upstream patch status and remediation guidance from the Eclipse Foundation security team. Operators should deploy the corrected issuer validation as soon as the fix is published upstream.
Workarounds
- Front the PIA service with a reverse proxy that decodes JWTs and enforces an exact host match on the iss claim before requests reach the application.
- Deploy an egress proxy or network policy that permits outbound HTTPS from PIA only to ci.eclipse.org and its documented dependencies.
- Disable unauthenticated access to POST /v1/upload/sbom until the issuer validation logic is corrected.
# Example egress restriction using iptables to limit PIA outbound HTTPS
# Replace <PIA_UID> with the service account UID running PIA
iptables -A OUTPUT -m owner --uid-owner <PIA_UID> -p tcp --dport 443 \
-d ci.eclipse.org -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner <PIA_UID> -p tcp --dport 443 \
-j REJECT --reject-with icmp-admin-prohibited
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

