17 matches found
EUVD-2024-0659
Malicious code in bioql PyPI...
Internet Bug Bounty: CVE-2024-25128: Apache Airflow: Authentication Bypass when Legacy OpenID(2.0) is in use as AUTH_TYPE
CVE-2024-25128: Apache Airflow: Authentication Bypass when Legacy OpenID2.0 is in use as AUTHTYPE. When OpenID2.0 was used as the Authentication Type, an attacker could forge authentication to any existing account in the target Airflow installation by deceiving the backend to trust arbitrary Open...
CVE-2024-25128
Flask-AppBuilder is an application development framework, built on top of Flask. When Flask-AppBuilder is set to AUTHTYPE AUTHOID, it allows an attacker to forge an HTTP request, that could deceive the backend into using any requested OpenID service. This vulnerability could grant an attacker...
Design/Logic Flaw
Flask-AppBuilder is an application development framework, built on top of Flask. When Flask-AppBuilder is set to AUTHTYPE AUTHOID, it allows an attacker to forge an HTTP request, that could deceive the backend into using any requested OpenID service. This vulnerability could grant an attacker...
GHSA-J2PW-VP55-FQQJ Flask-AppBuilder vulnerable to incorrect authentication when using auth type OpenID
Impact When Flask-AppBuilder is set to AUTHTYPE AUTHOID, allows an attacker to forge an HTTP request, that could deceive the backend into using any requested OpenID service. This vulnerability could grant an attacker unauthorised privilege access if a custom OpenID service is deployed by the...
CVE-2024-25128 Flask-AppBuilder incorrect authentication when using auth type OpenID
Flask-AppBuilder is an application development framework, built on top of Flask. When Flask-AppBuilder is set to AUTHTYPE AUTHOID, it allows an attacker to forge an HTTP request, that could deceive the backend into using any requested OpenID service. This vulnerability could grant an attacker...
CVE-2024-25128
Removed by vendor...
PT-2024-20767 · Pypi · Flask-Appbuilder
Name of the Vulnerable Software and Affected Versions: Flask-AppBuilder versions prior to 4.3.11 Description: The issue allows an attacker to forge an HTTP request, deceiving the backend into using any requested OpenID service when Flask-AppBuilder is set to AUTH TYPE AUTH OID. This could grant a...
CVE-2019-11066
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
Server side request forgery (ssrf)
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
CVE-2019-11066
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
CVE-2019-11066
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
CVE-2019-11066
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
CVE-2019-11066
CVE-2019-11066 affects LightOpenID up to version 1.3.1, where openid.php is vulnerable to SSRF via a crafted OpenID 2.0 assertion request that uses HTTP GET. The vulnerability originates in LightOpenID’s handling of OpenID 2.0 assertion requests, enabling server-side requests to arbitrary destina...
CVE-2014-2685
The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the ZendOpenIdConsumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote attackers to bypass authentication by leveragin...
Authentication flaw
The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the ZendOpenIdConsumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote attackers to bypass authentication by leveragin...
CVE-2014-2685
The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the ZendOpenIdConsumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote attackers to bypass authentication by leveragin...