Known Vulnerabilities for products from Zitadel
Listed below are 5 of the newest known vulnerabilities associated with the vendor "Zitadel".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-47111 json | ZITADEL provides identity infrastructure. ZITADEL provides administrators the possibility to define a `Lockout Policy` with a... | 3.7 - LOW | 2023-11-08 | 2023-11-16 |
| CVE-2023-46238 json | ZITADEL is an identity infrastructure management system. ZITADEL users can upload their own avatar image using various image ... | 5.4 - MEDIUM | 2023-10-26 | 2023-11-07 |
| CVE-2023-44399 json | ZITADEL provides identity infrastructure. In versions 2.37.2 and prior, ZITADEL administrators can enable a setting called "I... | 5.3 - MEDIUM | 2023-10-10 | 2023-10-23 |
| CVE-2023-22492 json | ZITADEL is a combination of Auth0 and Keycloak. RefreshTokens is an OAuth 2.0 feature that allows applications to retrieve ne... | 5.9 - MEDIUM | 2023-01-11 | 2023-01-24 |
| CVE-2022-36051 json | ZITADEL combines the ease of Auth0 and the versatility of Keycloak.**Actions**, introduced in ZITADEL **1.42.0** on the API a... | 8.8 - HIGH | 2022-08-31 | 2022-09-09 |