9 matches found
[SECURITY] [DLA 3989-1] ruby-doorkeeper security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3989-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 09, 2024 https://wiki.debian.org/LTS -...
Debian dla-3989 : ruby-doorkeeper - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3989 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3989-1 [email protected] https://www.debian.org/lts/security/...
Debian: Security Advisory (DLA-3494-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3494-1] ruby-doorkeeper security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3494-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb July 12, 2023 https://wiki.debian.org/LTS -...
Debian dla-3494 : ruby-doorkeeper - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3494 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3494-1 [email protected] https://www.debian.org/lts/security/...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 : Doorkeeper vulnerability (USN-6210-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 host has a package installed that is affected by a vulnerability as referenced in the USN-6210-1 advisory. It was discovered that Doorkeeper incorrectly performed authorization checks for public clients that have been previou...
CVE-2023-34246
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot...
CVE-2023-34246
CVE-2023-34246 affects ruby-doorkeeper, an OAuth 2 provider for Ruby on Rails and Grape. Prior to Doorkeeper 5.6.6, the gem could automatically process authorization requests for public clients that had been previously approved, enabling potential impersonation of public clients due to identity n...
CVE-2023-34246 Doorkeeper Improper Authentication vulnerability
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot...