Vulnerabilities > Openid

DATE CVE VULNERABILITY TITLE RISK
2021-05-21 CVE-2008-3280 Unspecified vulnerability in Openid
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166).
network
high complexity
openid
5.9
2019-06-10 CVE-2019-11027 Unspecified vulnerability in Openid Ruby-Openid
Ruby OpenID (aka ruby-openid) through 2.8.0 has a remotely exploitable flaw.
network
low complexity
openid
critical
9.8
2019-03-21 CVE-2019-9837 Open Redirect vulnerability in Openid Connect
Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorkeeper) 1.4.x and 1.5.x before 1.5.4 has an open redirect via the redirect_uri field in an OAuth authorization request (that results in an error response) with the 'openid' scope and a prompt=none value.
network
low complexity
openid CWE-601
6.1