pkg:Go/github.com/dexidp/dex

5 total CVEsCRITICAL3HIGH2

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2020-27847Authentication Bypass in dex
    from 0, < 2.27.0
  • CRITICAL9.3CVE-2022-39222Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code
    from 0, < 2.35.0
  • CRITICAL9.3CVE-2020-26290Critical security issues in XML encoding in github.com/dexidp/dex
    from 0, < 2.27.0
  • HIGH7.5CVE-2024-23656Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers in github.com/dexidp/dex
    >= 2.37.0, < 2.38.0
  • HIGH7.5CVE-2024-23656Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers in github.com/dexidp/dex
    from 0