RUN  v4.1.10 /data/pruva/project-cache/a937b1f3-9b59-4a11-81fc-750572359892/vuln_variant/latest stdout | variant-hostname-ssrf.test.ts > SSO SSRF via public-FQDN/private-IP bypass > attempts SSRF via a public-FQDN that resolves to a private IP register response: 200 { "issuer": "http://974542b9802b:9876", "oidcConfig": { "issuer": "http://974542b9802b:9876", "clientId": "evil-client", "clientSecret": "evil-secret", "authorizationEndpoint": "http://974542b9802b:9876/authorize", "tokenEndpoint": "http://974542b9802b:9876/token", "tokenEndpointAuthentication": "client_secret_basic", "jwksEndpoint": "http://974542b9802b:9876/jwks", "pkce": true, "discoveryEndpoint": "http://974542b9802b:9876/.well-known/openid-configuration", "mapping": { "id": "sub", "email": "email", "emailVerified": "email_verified", "name": "name", "image": "picture" }, "userInfoEndpoint": "http://974542b9802b:9876/userinfo", "overrideUserInfo": false }, "samlConfig": null, "userId": "NjkMPWsVhbrtjnxezGk3FC2UeIOE0RYd", "providerId": "evil-sso", "organizationId": null, "domain": "evil.com", "id": "5eQtknR8SKBj71Pwvgs7iJu1OQgblCle", "redirectURI": "http://localhost:3000/api/auth/sso/callback/evil-sso" } stdout | variant-hostname-ssrf.test.ts > SSO SSRF via public-FQDN/private-IP bypass > attempts SSRF via a public-FQDN that resolves to a private IP sign-in response: 400 { "message": "The tokenEndpoint host \"974542b9802b\" resolves to a non-publicly-routable address (172.20.0.4). If this is an internal IdP, add its origin to trustedOrigins.", "code": "discovery_private_host" } Sign-in blocked by runtime endpoint resolution check ✓ variant-hostname-ssrf.test.ts (1 test) 133ms  Test Files  1 passed (1)  Tests  1 passed (1)  Start at  23:46:44  Duration  524ms (transform 20ms, setup 0ms, import 313ms, tests 133ms, environment 0ms)