Vulnerabilities > Openid
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-21 | CVE-2008-3280 | Unspecified vulnerability in Openid It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). | 5.9 |
2019-06-10 | CVE-2019-11027 | Unspecified vulnerability in Openid Ruby-Openid Ruby OpenID (aka ruby-openid) through 2.8.0 has a remotely exploitable flaw. | 9.8 |
2019-03-21 | CVE-2019-9837 | Open Redirect vulnerability in Openid Connect Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorkeeper) 1.4.x and 1.5.x before 1.5.4 has an open redirect via the redirect_uri field in an OAuth authorization request (that results in an error response) with the 'openid' scope and a prompt=none value. | 6.1 |