Fiware Fiware Keyrock

5 CVEs affecting Fiware Fiware Keyrock. Latest disclosed: 2024-08-12. Critical: 2, High: 1.

Top CVEs affecting Fiware Fiware Keyrock
CVESeverityScorePublishedSummary
CVE-2024-42167Critical9.12024-08-12The function "generate_app_certificates" in controllers/saml2/saml2.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command prop…
CVE-2024-42166Critical9.12024-08-12The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properl…
CVE-2024-42163High8.32024-08-12Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to take over the account of any user by predicting th…
CVE-2024-42165Medium6.32024-08-12Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token…
CVE-2024-42164Medium4.32024-08-12Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by pr…