habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

website: link CVE and attribute reporter

Browse Source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
2022-12-25 14:17:17 +01:00
parent 0423023d2e
commit 7046944bf6
5 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
website/docs/releases/v2022.10.md
View File

@ -3804,7 +3804,7 @@ Changed response : **200 OK**
## Fixed in 2022.10.2
- \*: fix CVE-2022-46145
- \*: fix [CVE-2022-46145](../security/CVE-2022-46145), Reported by [@sdimovv](https://github.com/sdimovv)
## Fixed in 2022.10.3
@ -3812,8 +3812,8 @@ Changed response : **200 OK**
## Fixed in 2022.10.4
- \*: fix CVE-2022-46172
- \*: fix CVE-2022-23555
- \*: fix [CVE-2022-46172](../security/CVE-2022-46172), Reported by [@DreamingRaven](https://github.com/DreamingRaven)
- \*: fix [CVE-2022-23555](../security/CVE-2022-23555), Reported by [@fuomag9](https://github.com/fuomag9)
## Upgrading

6
website/docs/releases/v2022.11.md
View File

@ -73,7 +73,7 @@ image:
## Fixed in 2022.11.2
- \*: fix CVE-2022-46145
- \*: fix [CVE-2022-46145](../security/CVE-2022-46145), Reported by [@sdimovv](https://github.com/sdimovv)
## Fixed in 2022.11.3
@ -81,8 +81,8 @@ image:
## Fixed in 2022.11.4
- \*: fix CVE-2022-46172
- \*: fix CVE-2022-23555
- \*: fix [CVE-2022-46172](../security/CVE-2022-46172), Reported by [@DreamingRaven](https://github.com/DreamingRaven)
- \*: fix [CVE-2022-23555](../security/CVE-2022-23555), Reported by [@fuomag9](https://github.com/fuomag9)
## API Changes

2
website/docs/security/CVE-2022-23555.md
View File

@ -1,5 +1,7 @@
# CVE-2022-23555
_Reported by [@fuomag9](https://github.com/fuomag9)_
## Token reuse in invitation URLs leads to access control bypass via the use of a different enrollment flow
### Summary

2
website/docs/security/CVE-2022-46145.md
View File

@ -1,5 +1,7 @@
# CVE-2022-46145
_Reported by [@sdimovv](https://github.com/sdimovv)_
## Unauthorized user creation and potential account takeover
### Impact

2
website/docs/security/CVE-2022-46172.md
View File

@ -1,5 +1,7 @@
# CVE-2022-46172
_Reported by [@DreamingRaven](https://github.com/DreamingRaven)_
## Existing Authenticated Users can Create Arbitrary Accounts
### Summary