Skip to main content

Dex

4 CVEs product

Monthly

CVE-2024-23656 Go HIGH POC PATCH This Week

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Dex
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-20802 MEDIUM Monitor

Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users' notification in a multi-user environment. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Dex
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2022-39222 Go MEDIUM POC PATCH This Month

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Dex
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-26290 Go CRITICAL PATCH Act Now

Dex is a federated OpenID Connect provider written in Go. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Mattermost Jwt Attack Authentication Bypass Dex
NVD GitHub
CVSS 3.1
9.6
EPSS
1.0%
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Dex
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM Monitor

Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users' notification in a multi-user environment. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Dex
NVD
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Dex
NVD GitHub
EPSS 1% CVSS 9.6
CRITICAL PATCH Act Now

Dex is a federated OpenID Connect provider written in Go. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Mattermost Jwt Attack Authentication Bypass +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy