Launch Week Day 1: Announcing Security Design Review
Start for Free
go

github.com/dexidp/dex

View on go registry
6 Total advisories
6 Vulnerabilities
0 Malware

Vulnerabilities

HIGH 8.7
Go

GHSA-7qjx-gp9h-65qj

Dex: Token-exchange endpoint is missing AllowedConnectors enforcement
CRITICAL 9.3
Go

CVE-2020-26290

Critical security issues in XML encoding in github.com/dexidp/dex
CRITICAL 9.8
Go

CVE-2020-27847

Authentication Bypass in dex
UNKNOWN
Go

CVE-2024-23656

Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers in github.com/dexidp/dex
HIGH 7.5
Go

CVE-2024-23656

Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers
CRITICAL 9.3
Go

CVE-2022-39222

Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes