rpm package
opensuse/dex-oidc&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/dex-oidc&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-27665 | — | < 2.35.3-1.1 | 2.35.3-1.1 | Apr 3, 2023 | Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory s | ||
| CVE-2020-26290 | — | < 2.28.1-1.3 | 2.28.1-1.3 | Dec 28, 2020 | Dex is a federated OpenID Connect provider written in Go. In Dex before version 2.27.0 there is a critical set of vulnerabilities which impacts users leveraging the SAML connector. The vulnerabilities enables potential signature bypass due to issues with XML encoding in the under |
- CVE-2022-27665Apr 3, 2023affected < 2.35.3-1.1fixed 2.35.3-1.1
Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory s
- CVE-2020-26290Dec 28, 2020affected < 2.28.1-1.3fixed 2.28.1-1.3
Dex is a federated OpenID Connect provider written in Go. In Dex before version 2.27.0 there is a critical set of vulnerabilities which impacts users leveraging the SAML connector. The vulnerabilities enables potential signature bypass due to issues with XML encoding in the under