3 matches found
CVE-2024-1143
Central Dogma (LY Corporation) is affected by an XSS vulnerability in versions prior to 0.64.1 that can leak user sessions via RelayState processing of SAML messages, potentially enabling authentication bypass. The issue is documented across multiple sources (CVE-2024-1143, OSV, RH/Red Hat, JVN/J...
CVE-2021-38388
CVE-2021-38388 concerns a privilege-escalation issue in Central Dogma. Multiple connected sources describe that a user with file-managing privileges can mirror to an internal dogma repository that houses the authorization file, enabling elevation of privileges. The core detail is the mirroring me...
CVE-2025-11222
Central Dogma is affected by an Open Redirect vulnerability in the login flow for versions before 0.78.0. A crafted URL can redirect users to untrusted sites, enabling phishing and potential credential theft. The issue is documented across multiple sources (NVD/Red Hat OSV/GHSA etc.) with the fix...