6 matches found
EUVD-2021-2457
Malware in sbrugna...
CVE-2021-29456
Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on SSO for your applications via a web portal. In versions 4.27.4 and earlier, utilizing a HTTP query parameter an attacker is able to redirect users from the web application to an...
Brute-force Attack
github.com/authelia/authelia is vulnerable to Brute-force attacks. The vulnerability is due to the regulation system counting username and email logins separately, which increases the number of allowed attempts for an attacker...
CVE-2025-24806
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on SSO for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats these as separate login events. This leads to t...
CVE-2025-24806
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on SSO for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats these as separate login events. This leads to t...
CVE-2025-24806
Authelia (open-source authentication server) has a flaw where allowing sign-in via both username and email can cause login events to be counted separately, effectively doubling regulation limits and increasing brute-force risk when two-factor is not enforced or passwords are weak. The issue has a...