exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2023-34246

больше 2 лет назад

Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot be assured. This issue is fixed in version 5.6.6.

CVSS3: 4.2

EPSS: Низкий

CVE-2023-34246

больше 2 лет назад

Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot be assured. This issue is fixed in version 5.6.6.

CVSS3: 4.2

EPSS: Низкий

CVE-2023-34246

больше 2 лет назад

Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to ...

CVSS3: 4.2

EPSS: Низкий

GHSA-7w2c-w47h-789w

больше 2 лет назад

Doorkeeper Improper Authentication vulnerability

CVSS3: 4.2

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-34246 Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot be assured. This issue is fixed in version 5.6.6.	CVSS3: 4.2	0% Низкий	больше 2 лет назад
CVE-2023-34246 Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot be assured. This issue is fixed in version 5.6.6.	CVSS3: 4.2	0% Низкий	больше 2 лет назад
CVE-2023-34246 Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to ...	CVSS3: 4.2	0% Низкий	больше 2 лет назад
GHSA-7w2c-w47h-789w Doorkeeper Improper Authentication vulnerability	CVSS3: 4.2	0% Низкий	больше 2 лет назад

Уязвимостей на страницу