Lucene search

K

Authelia Security Vulnerabilities

cve
cve

CVE-2021-32637

Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngx_http_auth_request_module with Authelia, it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism. It additionally could theoretically affect....

10CVSS

9.5AI Score

0.003EPSS

2021-05-28 05:15 PM
63
cve
cve

CVE-2021-29456

Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. In versions 4.27.4 and earlier, utilizing a HTTP query parameter an attacker is able to redirect users from the web application to...

5.7CVSS

5.6AI Score

0.001EPSS

2021-04-21 07:15 PM
15