-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Security: dexidp/dex
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Dex 2.37.0 is discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphersGHSA-gr79-9v6v-gc9r published
Jan 25, 2024 by sagikazarmarkHigh -
Backchannel attack allows an attacker to fetch an ID token through an intercepted authorization codeGHSA-vh7g-p26c-j2cw published
Oct 3, 2022 by sagikazarmarkCritical -
Critical security issues in XML encodingGHSA-m9hp-7r99-94h5 published
Dec 14, 2020 by justaugustusCritical