Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to bypass SAML authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. This flaw affects dex versions before 2.27.0.
CVSS Information
N/A
Vulnerability Type
语法无效结构处理不恰当
Vulnerability Title
Dex Idp Dex 安全漏洞
Vulnerability Description
Dex Idp Dex是Dex Idp团队的一个基于Go语言的可提供给插拔式的OpenId认证和Oauth认证的软件。 Dex Idp Dex 中的SAML connector存在漏洞。该漏洞源于 SAML 校验存在错误,攻击者可以绕过SAML身份验证。 此漏洞带来的最大威胁是机密性,完整性和系统可用性。以下产品及版本受到影响:Red Hat Advanced Cluster Management for Kubernetes。
CVSS Information
N/A
Vulnerability Type
N/A