CVE-2024-23656
Summary
| CVE | CVE-2024-23656 |
|---|
| State | PUBLISHED |
|---|
| Assigner | Unknown |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2024-01-25 20:15:00 UTC |
|---|
| Updated | 2024-01-31 23:26:00 UTC |
|---|
| Description | Description unavailable. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Application |
Linuxfoundation |
Dex |
2.37.0 |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| tls cert reloader by seankhliao · Pull Request #2964 · dexidp/dex · GitHub |
|
github.com |
|
| github.com/dexidp/dex/blob/70d7a2c7c1bb2646b1a540e49616cbc39622fb83/cmd/... |
|
github.com |
|
| Dex 2.37.0 is discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers · Advisory · dexidp/dex · GitHub |
|
github.com |
|
| Support configuration of TLS min and max versions · Issue #2848 · dexidp/dex · GitHub |
|
github.com |
|
| feat: add TLS versions configuration · dexidp/dex@5bbdb44 · GitHub |
|
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 996897 GO (Go) Security Update for github.com/dexidp/dex (GHSA-gr79-9v6v-gc9r)
