VYPR

Vendor CVEs

Zitadel

All CVEs

52 total · sorted by risk
  • CVE-2023-22492Jan 11, 2023
    risk 0.00cvss epss 0.01

    ZITADEL is a combination of Auth0 and Keycloak. RefreshTokens is an OAuth 2.0 feature that allows applications to retrieve new access tokens and refresh the user's session without the need for interacting with a UI. RefreshTokens were not invalidated when a user was locked or…

  • CVE-2022-36051Aug 31, 2022
    risk 0.00cvss epss 0.01

    ZITADEL combines the ease of Auth0 and the versatility of Keycloak.**Actions**, introduced in ZITADEL **1.42.0** on the API and **1.56.0** for Console, is a feature, where users with role.`ORG_OWNER` are able to create Javascript Code, which is invoked by the system at certain…

Page 2 of 2