Lucene search
GitHub_MCVELIST:CVE-2023-34246HistoryJun 12, 2023 - 4:33 p.m.
CVE-2023-34246 Doorkeeper Improper Authentication vulnerability
2023-06-1216:33:05
CWE-287
GitHub_M
raw.githubusercontent.com
2
doorkeeper
oauth 2
ruby on rails
grape
improper authentication
vulnerability
public clients
impersonation
identity
authorization requests
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot be assured. This issue is fixed in version 5.6.6.
Related
cve
cve
CVE-2023-34246
2023-06-12 17:15:09
debiancve
debiancve
CVE-2023-34246
2023-06-12 17:15:09
openvas
openvas
Debian: Security Advisory (DLA-3494-1)
2023-07-13 00:00:00
Ubuntu: Security Advisory (USN-6210-1)
2023-07-10 00:00:00
ubuntucve
ubuntucve
CVE-2023-34246
2023-06-12 00:00:00
prion
prion
Authorization
2023-06-12 17:15:00
osv
osv
Doorkeeper Improper Authentication vulnerability
2023-06-12 19:50:34
CVE-2023-34246
2023-06-12 17:15:09
nessus
nessus
Debian DLA-3494-1 : ruby-doorkeeper - LTS security update
2023-07-12 00:00:00
veracode
veracode
Improper Authentication
2023-06-20 09:14:17
github
github
Doorkeeper Improper Authentication vulnerability
2023-06-12 19:50:34