Lucene search
MitreCVELIST:CVE-2019-9837HistoryMar 15, 2019 - 11:00 p.m.
CVE-2019-9837
2019-03-1523:00:00
mitre
www.cve.org
4
EPSS
0.001
Percentile
41.8%
Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorkeeper) 1.4.x and 1.5.x before 1.5.4 has an open redirect via the redirect_uri field in an OAuth authorization request (that results in an error response) with the ‘openid’ scope and a prompt=none value. This allows phishing attacks against the authorization flow.
Related
ubuntucve
ubuntucve
CVE-2019-9837
2019-03-21 00:00:00
osv
osv
Doorkeeper-openid_connect contains Open Redirect
2019-03-25 16:15:54
CVE-2019-9837
2019-03-21 16:01:17
nvd
nvd
CVE-2019-9837
2019-03-21 16:01:17
rubygems
rubygems
Doorkeeper::OpenidConnect Open Redirect
2019-03-24 21:00:00
veracode
veracode
Open Redirect
2019-03-22 05:00:19
prion
prion
Design/Logic Flaw
2019-03-21 16:01:00
github
github
Doorkeeper-openid_connect contains Open Redirect
2019-03-25 16:15:54
cve
cve
CVE-2019-9837
2019-03-21 16:01:17
debiancve
debiancve
CVE-2019-9837
2019-03-21 16:01:17