VYPR

rpm package

opensuse/dex-oidc&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/dex-oidc&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2022-27665Apr 3, 2023
    affected < 2.35.3-1.1fixed 2.35.3-1.1

    Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory s

  • CVE-2020-26290Dec 28, 2020
    affected < 2.28.1-1.3fixed 2.28.1-1.3

    Dex is a federated OpenID Connect provider written in Go. In Dex before version 2.27.0 there is a critical set of vulnerabilities which impacts users leveraging the SAML connector. The vulnerabilities enables potential signature bypass due to issues with XML encoding in the under