PT-2023-31418 · Docker+1 · Docker+1

Kn4Ck3R

Publicado

2023-12-03

Atualizado

2023-12-07

CVE-2023-49947

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Forgejo versions prior to 1.20.5-1

Description The issue allows for 2FA bypass when docker login uses Basic Authentication.

Recommendations For versions prior to 1.20.5-1, update to version 1.20.5-1 or later to resolve the issue.

Correção

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2023-49947

Forgejo

Docker