doorkeeper is vulnerable to Improper Authentication. The vulnerability exists because user authentication is automatically processed without consent of the user if the authentication token matches, which is out of OAuth RFC 8252 spec, allowing an attacker to impersonate a user and possibly bypass authentication.
CPE | Name | Operator | Version |
---|---|---|---|
doorkeeper | le | 5.6.5 | |
doorkeeper | le | 4.4.3 | |
doorkeeper | le | 5.6.5 | |
doorkeeper | le | 4.4.3 | |
ruby-doorkeeper:sid | eq | 5.3.0-2 | |
ruby-doorkeeper:sid | eq | 5.5.0-2 | |
ruby-doorkeeper:sid | eq | 5.3.0-1 |
github.com/advisories/GHSA-7w2c-w47h-789w
github.com/doorkeeper-gem/doorkeeper/commit/f202079baac4c978a01ccc9a45d78fde368ac907
github.com/doorkeeper-gem/doorkeeper/issues/1589
github.com/doorkeeper-gem/doorkeeper/pull/1646
github.com/doorkeeper-gem/doorkeeper/releases/tag/v5.6.6
github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-7w2c-w47h-789w
github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2023-34246.yml
lists.debian.org/debian-lts-announce/2023/07/msg00016.html
www.rfc-editor.org/rfc/rfc8252#section-8.6