VYPR
Unrated severityNVD Advisory· Published Mar 7, 2024· Updated Aug 2, 2024

JFrog Artifactory Improper SSO Mechanism may lead to Exposure of Access Tokens

CVE-2023-42662

Description

JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are vulnerable to an issue whereby user interaction with specially crafted URLs could lead to exposure of user access tokens due to improper handling of the CLI / IDE browser based SSO integration.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Jfrog/Artifactoryllm-fuzzy2 versions
    7.59.0 - 7.59.17, 7.63.0 - 7.63.17, 7.68.0 - 7.68.18, 7.71.0 - 7.71.7+ 1 more
    • (no CPE)range: 7.59.0 - 7.59.17, 7.63.0 - 7.63.17, 7.68.0 - 7.68.18, 7.71.0 - 7.71.7
    • (no CPE)range: 7.59
  • osv-coords
    Range: >= 7.59.0, < 7.59.18

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.