GHSA-5p9f-55j8-922m

Опубликовано: 13 авг. 2018

Источник: github

Github: Прошло ревью

Описание

Moderate severity vulnerability that affects doorkeeper

Withdrawn, accidental duplicate publish.

The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers to conduct replay attacks or revoke arbitrary tokens by leveraging failure to implement the OAuth 2.0 Token Revocation specification.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2016-6582
https://github.com/advisories/GHSA-5p9f-55j8-922m

Пакеты

Наименование

doorkeeper

rubygems

Затронутые версииВерсия исправления

>= 1.2.0, < 4.2.0

4.2.0