Lucene search
K

CVE-2023-36456 Authentik lacks Proxy IP headers validation

šŸ—“ļøĀ 06 Jul 2023Ā 18:24:03Reported byĀ GitHub_MTypeĀ 
cvelist
Ā cvelist
šŸ”—Ā www.cve.orgšŸ‘Ā 19Ā Views

Authentik lacks Proxy IP headers validation prior to 2023.4.3 and 2023.5.

Related
Affected
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2023-36456
6 Jul 202322:20
–circl
CNNVD
authentik å®‰å…Øę¼ę“ž
6 Jul 202300:00
–cnnvd
CVE
CVE-2023-36456
6 Jul 202318:24
–cve
EUVD
EUVD-2023-40420
3 Oct 202520:07
–euvd
Github Security Blog
GoFiber Vulnerable to Username Enumeration via Timing Oracle in BasicAuth Default Authorizer
2 Jul 202613:46
–github
NVD
CVE-2023-36456
6 Jul 202319:15
–nvd
OSV
BIT-AUTHENTIK-2023-36456 Authentik lacks Proxy IP headers validation
16 Apr 202623:36
–osv
OSV
CVE-2023-36456 Authentik lacks Proxy IP headers validation
6 Jul 202318:24
–osv
Prion
Design/Logic Flaw
6 Jul 202319:15
–prion
Positive Technologies
PT-2023-25576
6 Jul 202300:00
–ptsecurity
Rows per page
[
  {
    "vendor": "goauthentik",
    "product": "authentik",
    "versions": [
      {
        "version": "< 2023.4.3",
        "status": "affected"
      },
      {
        "version": ">= 2023.5.0, < 2023.5.5",
        "status": "affected"
      }
    ]
  }
]

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

06 Jul 2023 18:24Current
8.6High risk
Vulners AI Score8.6
CVSS 3.18.3
EPSS0.00573
19