Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go

github.com/zitadel/zitadel

go · Repository · Package

Security Advisories for github.com/zitadel/zitadel in go

High
4 months ago

ZITADEL Allows Account Takeover via Malicious X-Forwarded-Proto Header Injection GSA_kwCzR0hTQS05M200LW1mcGctYzN4Zs4ABIbp

go github.com/zitadel/zitadel/v2, github.com/zitadel/zitadel
High
5 months ago

ZITADEL Allows IdP Intent Token Reuse GSA_kwCzR0hTQS1nNHI4LW1wN2ctODVmcc4ABHiR

go github.com/zitadel/zitadel
Critical
7 months ago

IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations GSA_kwCzR0hTQS1mM2doLTUyOXctdjMyeM4ABFE2

go github.com/zitadel/zitadel, github.com/zitadel/zitadel/v2
High
11 months ago

User Registration Bypass in Zitadel GSA_kwCzR0hTQS0zcm13LTc2bTYtNGdqY84ABAq8

go github.com/zitadel/zitadel
Moderate
11 months ago

Denied Host Validation Bypass in Zitadel Actions GSA_kwCzR0hTQS02Y2Y1LXc5aDMtNHJxds4ABAq7

go github.com/zitadel/zitadel
Moderate
about 1 year ago

ZITADEL "ignoring unknown usernames" vulnerability GSA_kwCzR0hTQS01Njd2LTZobWctNnFnN84AA-TF

go github.com/zitadel/zitadel
Moderate
about 1 year ago

ZITADEL has improper HTML sanitization in emails and Console UI GSA_kwCzR0hTQS12MzMzLTdoMnAtNWZods4AA-TE

go github.com/zitadel/zitadel
Moderate
about 1 year ago

ZITADEL Vulnerable to Session Information Leakage GSA_kwCzR0hTQS1jdnc5LWM1N2gtMzM5N84AA9m1

go github.com/zitadel/zitadel
Moderate
over 1 year ago

Zitadel exposing internal database user name and host information GSA_kwCzR0hTQS1xNXFqLXgyaDUtMzk0Nc4AA7eF

go github.com/zitadel/zitadel
High
over 1 year ago

ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass GSA_kwCzR0hTQS03ajdqLTY2Y3YtbTIzOc4AA7UD

go github.com/zitadel/zitadel
High
over 1 year ago

ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass GSA_kwCzR0hTQS1ocjV3LWN3d3EtMnY0bc4AA6as

go github.com/zitadel/zitadel
High
over 1 year ago

ZITADEL's actions can overload reserved claims GSA_kwCzR0hTQS1ncDhnLWY0MmYtOTVxMs4AA6ar

go github.com/zitadel/zitadel
High
over 1 year ago

Improper HTML sanitization in ZITADEL GSA_kwCzR0hTQS1oZnJnLTRqd3ItamZwas4AA6Gn

go github.com/zitadel/zitadel
High
over 1 year ago

Account Takeover via Session Fixation in Zitadel [Bypassing MFA] GSA_kwCzR0hTQS1tcTR4LXIydzMtajdtcs4AA54b

go github.com/zitadel/zitadel
High
almost 2 years ago

ZITADEL Account Takeover via Malicious Host Header Injection GSA_kwCzR0hTQS0yd21qLTQ2cmotcW0yd84AA3az

go github.com/zitadel/zitadel
High
almost 2 years ago

ZITADEL race condition in lockout policy execution GSA_kwCzR0hTQS03aDhtLXZyeHgtdnI0bc4AA2_V

go github.com/zitadel/zitadel
Moderate
almost 2 years ago

ZITADEL's password reset does not respect the "Ignoring unknown usernames" setting GSA_kwCzR0hTQS12NjgzLXJjeHgtdnBmZs4AA2X6

go github.com/zitadel/zitadel
Moderate
over 2 years ago

Zitadel RefreshToken invalidation vulnerability GSA_kwCzR0hTQS02cnJyLTc4eHAtNWpwOM4AAw6R

go github.com/zitadel/zitadel
High
about 3 years ago

Broken Authorization in ZITADEL Actions GSA_kwCzR0hTQS1jOGZqLTRwbTgtbXAyY84AAui6

go github.com/zitadel/zitadel

Filter by Severity

High 11 Moderate 7 Critical 1