Product
high
advisory
Oxia TLS Certificate Chain Validation Failure
2 rules 1 TTPOxia's `trustedCertPool()` function fails to parse multi-certificate PEM bundles, leading to certificate chain validation failure and rejection of legitimate clients in mTLS deployments.
Oxia
tls
mtls
certificate-validation
vulnerability
2r
1t
high
advisory
Oxia Server Crash via Session Heartbeat Race Condition
2 rules 1 TTPA race condition in Oxia's session heartbeat handling allows a remote client to trigger a denial-of-service by sending rapid KeepAlive requests during session expiration or closure, leading to a server crash.
Oxia
denial-of-service
race-condition
2r
1t
high
advisory
Oxia Bearer Token Exposure in Debug Logs
2 rules 1 TTPOxia exposes the full bearer token, including JWT header, payload, and signature, in debug log messages when OIDC authentication fails, allowing attackers with log access to replay the tokens.
Oxia
jwt
token leakage
credential access
2r
1t