Known Vulnerabilities for Authentik by Goauthentik
Listed below are 8 of the newest known vulnerabilities associated with "Authentik" by "Goauthentik".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-21637 json | 5.4 - MEDIUM | 2024-01-11 | 2024-01-16 | |
| CVE-2023-46249 json | authentik is an open-source Identity Provider. Prior to versions 2023.8.4 and 2023.10.2, when the default admin user has been... | 9.8 - CRITICAL | 2023-10-31 | 2023-11-08 |
| CVE-2023-39522 json | goauthentik is an open-source Identity Provider. In affected versions using a recovery flow with an identification stage an a... | 5.3 - MEDIUM | 2023-08-29 | 2023-09-01 |
| CVE-2023-36456 json | authentik is an open-source Identity Provider. Prior to versions 2023.4.3 and 2023.5.5, authentik does not verify the source ... | 7.3 - HIGH | 2023-07-06 | 2023-07-13 |
| CVE-2023-26481 json | authentik is an open-source Identity Provider. Due to an insufficient access check, a recovery flow link that is created by a... | 6.5 - MEDIUM | 2023-03-04 | 2023-11-07 |
| CVE-2022-46172 json | authentik is an open-source Identity provider focused on flexibility and versatility. In versions prior to 2022.10.4, and 202... | 6.4 - MEDIUM | 2022-12-28 | 2023-06-23 |
| CVE-2022-46145 json | authentik is an open-source identity provider. Versions prior to 2022.11.2 and 2022.10.2 are vulnerable to unauthorized user ... | 9.8 - CRITICAL | 2022-12-02 | 2023-06-23 |
| CVE-2022-23555 json | authentik is an open-source Identity Provider focused on flexibility and versatility. Versions prior to 2022.11.4 and 2022.10... | 8.8 - HIGH | 2022-12-28 | 2023-11-07 |