CVE-2019-8400 (GCVE-0-2019-8400)
Vulnerability from cvelistv5 – Published: 2019-02-17 06:00 – Updated: 2024-08-04 21:17
VLAI?
Summary
ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:31.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=RIyZLeKEC8E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/456333"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-17T05:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=RIyZLeKEC8E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/456333"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk",
"refsource": "MISC",
"url": "https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk"
},
{
"name": "https://www.youtube.com/watch?v=RIyZLeKEC8E",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=RIyZLeKEC8E"
},
{
"name": "https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06",
"refsource": "MISC",
"url": "https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06"
},
{
"name": "https://hackerone.com/reports/456333",
"refsource": "MISC",
"url": "https://hackerone.com/reports/456333"
},
{
"name": "https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3",
"refsource": "MISC",
"url": "https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-8400",
"datePublished": "2019-02-17T06:00:00",
"dateReserved": "2019-02-16T00:00:00",
"dateUpdated": "2024-08-04T21:17:31.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-8400\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-02-17T06:29:00.643\",\"lastModified\":\"2024-11-21T04:49:50.773\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter.\"},{\"lang\":\"es\",\"value\":\"ORY Hydra, en versiones anteriores a la v1.0.0-rc.3+oryOS.9, tiene Cross-Site Scripting (XSS) reflejado mediante el par\u00e1metro error_hint en oauth2/fallbacks/error error_hint.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.1:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9EC97FD-497E-496C-A013-2102B75F8A88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.1:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B125FE6A-22F7-45B1-B44F-B7F3C5D08DF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.1:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"46F947BE-CC42-47BC-BC81-FEBEC56BFB44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.1:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A78FF7F-F95F-4FAB-8A21-D23A23762244\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EAC702A-141C-43B7-B021-A48C3D02B470\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9823765-0DAD-4991-BDBF-F33C2AA3228F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47C62392-611C-4C9A-BA0B-4E434E7544FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63C7F111-078A-4115-AC91-BD1DD0A3DE47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DC28774-04E6-4D49-8D55-445C4AEF9656\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D5F4BEB-2A1F-4F0A-B4A4-8A20B87FE83A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.4.2:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"72456053-6BCE-4754-97B8-B45068C17A8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.4.2:alpha1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BCCD315-F5B5-4DE3-A957-93F664C9D353\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.4.2:alpha2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC1F846D-98B4-483E-A5EC-982547D59E7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.4.2:alpha3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F24ABCB3-CDB8-4636-AFFF-ADEDB45138B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.4.2:alpha4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A26974EB-0B84-4CB8-A65F-C9F70A2ADDB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1E9E8F8-804C-4D7A-A88A-9A5204127825\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76207328-BB26-4C49-BD63-E2D2B7AA824D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87A247EE-6295-40AA-8E32-56CBEABAE939\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A55D7B01-6125-4ECC-BB6C-515B6D9C4995\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB7CBB5E-EF22-462E-819E-33A3DA2381AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B85351F5-1A15-44CA-8097-4FA062CF305E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16D21700-DF22-4969-AB2B-3D1EBA451CD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7CC1BFB-97C8-4688-86AA-71CBED3D12A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22ECE9D0-541B-455D-A9C7-38C1687D3422\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03316782-1BDF-4549-924C-357E78D2E234\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C78E881-B270-42D6-A5C0-5FFDE9F3C470\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFBB81A5-9E15-44BF-9440-8ACB32D86A4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EDAEB5F-51EB-4C9A-93C7-6CA51CF30B55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC45E516-BB30-49B2-9F5B-1F1990B5BD44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4498A648-1C6C-4032-A433-348F2E312FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3232E431-EDAF-4504-8764-C72E3A20F23A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"152BA719-F394-4F5E-AE7E-36C036CD29E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7457B232-7705-459E-8F14-B8501701BAEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5952F8F6-3FD5-4F4A-BB92-0FA158E4516B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55E5EE26-3A7E-44C4-94CF-92255E6290FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"521945A6-CF3E-4369-A667-5E37F301C01B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0FC9511-B2E1-44CF-85DF-98EE066FC820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ABCA0D5-28E4-478A-A90B-8E2059661C72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12292A7E-06CA-48A7-9B30-CD8C3D8C6BB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"045DCDC3-F6FB-4F54-B426-3708F6848DBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3AB2509-2C75-452C-9B96-49901BA1FCF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"971F55DC-5A26-4D05-B11F-E21B28284AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6096E266-A023-4D8E-AE81-910659B0FA4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87140216-622E-4641-A79A-83321970B5C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"098473B5-74E5-4947-A283-4973377B2D0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F1F045C-6568-4D80-B059-EA03A53D631D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB88818F-12C1-41A3-B856-4909186BC7B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD6D01E3-4868-4D25-8CA4-0EE549685144\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB3590C-92F0-46D9-B7F9-5D3603D91D09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.7.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0315EC48-80BD-4DD2-88FB-3AED08A129F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7C6DBCF-1583-4C8A-A98D-E8D5C86733C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"004F621E-779D-45F7-B3E0-938B9ACB0A43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCFC71AA-83F5-4FD8-AEA1-90E30B436203\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6AE0870-EA76-4DCE-B008-31CF65FE1E70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8C23A62-C439-48DC-982F-593EF4E524F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACD89EB4-BC48-4D65-B8C1-2ED40381D610\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9B3500D-C17D-4C5E-BB33-35A5F497B0FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3DB0C2D-10C3-40EF-B80A-B4C34D8A6B46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E18869C-962D-453E-8AED-E9713CF474E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCB58086-C5A8-4337-B259-2C665FFBD6AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13D67F6D-8454-4E99-857B-B272AA517E63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F6AC4A6-41B9-414C-9ED1-017C23519688\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7D2F11E-38C3-412E-A7A4-B744FFA22310\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36115C19-3D1E-43EF-BA29-F302EA032152\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB5678FD-4220-4D3D-A130-D6FD3131D0E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6953C4C-7FDD-4512-84FC-97F7F6204A05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4ACA0B4-1E66-4709-9FF1-02E96AA3AAC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCF6739B-1850-44EF-AB6F-F8C0D358E1FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A000386C-2E89-4E15-99F8-8CEE2B09389F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A07E0F31-743F-4B69-BC8E-EE86966DE67C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03428AFE-15BA-4767-9F96-0B964E2C83D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61BF2C87-2482-4F69-AD84-08D2BB2995E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"388F5C79-6196-48E3-89F2-706D9D78E158\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DB801EF-6186-4551-A638-3A04021013BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.9.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D56C5AED-522B-4D32-A4D1-F05376600CCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D323D6-A8DC-4619-962D-A67E9F8826F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha1:*:*:*:*:*:*\",\"matchCriteriaId\":\"86027C49-06BB-4A7D-81B8-02E90641C25D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha10:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE65E235-3331-41C9-8995-33D6CBBB3E92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha11:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C00564B-169C-48B6-BC2F-CC83B34B64EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha12:*:*:*:*:*:*\",\"matchCriteriaId\":\"86498EA0-91A2-4E7F-A4DE-CE7E59B8CEB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha13:*:*:*:*:*:*\",\"matchCriteriaId\":\"C16EE15E-6665-4D90-A6A6-6E6B0A76D301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha14:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3D9638B-1872-42EE-BE76-355D661786F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha15:*:*:*:*:*:*\",\"matchCriteriaId\":\"201D1449-A3B1-4AB8-96C6-D9A7772982BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha16:*:*:*:*:*:*\",\"matchCriteriaId\":\"E47FF159-F090-40D4-982C-AB77C9F88048\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha17:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2A5F7F3-11D2-4B49-AA56-FCEE25A8E748\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha18:*:*:*:*:*:*\",\"matchCriteriaId\":\"D33A4018-0D71-41A5-B1FF-2622AB443555\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha19:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEC05B25-EEAF-4D38-A410-6D838FE0DC9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC2E6F70-8E9C-481E-ADDF-E0F489C90D8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha20:*:*:*:*:*:*\",\"matchCriteriaId\":\"66219BD9-6923-463D-BFD5-0D664118B413\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha21:*:*:*:*:*:*\",\"matchCriteriaId\":\"F21CA03A-B7EA-4FAC-8A79-199A443F37B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha3:*:*:*:*:*:*\",\"matchCriteriaId\":\"60B091A8-6DCB-4ECB-8212-ABDBA8E13D55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha4:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA98AC8F-4959-498A-85BB-24F357B2CFC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha5:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF98AA36-CDD2-4E4F-AE75-7C1CF60CE044\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha6:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCECA19B-7D67-4D5C-891D-6770313C0392\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha7:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDA71FDD-8645-41E7-80A7-3D48F518746A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha8:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E18E368-63B5-4F94-AE9D-20CB8F290F56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.0:alpha9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7054AD6-E363-405A-8560-BF2F357791DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8852444-14FA-4B7E-BF2D-DB27CA673B39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"646BA2EE-1660-47E6-B713-3246B76B1B1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5995098-ACA1-45B7-8D71-3554282662E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"230AC295-D64E-4691-BC90-CCAC2C1E0B77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54A13FC4-7706-494C-8655-FCACDE653874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50CEE802-41E0-462D-B061-16F70C2B2B3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69BE7344-209D-4D80-BE7F-65E9BD290C30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AE61A00-D05F-465D-AAD2-C2E455E230F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE77FE27-99BB-43CD-9C82-B42D09648115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.10.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9345861-A8C7-406A-BF0C-48E0007C86AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BFBEFAE-4B20-4FA3-98C5-2D20DC7AC1B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8566F0CC-0E4F-4795-A285-B5BCBAF1C02D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC670873-7979-4804-8274-F09B7C02AD2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA382179-FAFF-48AB-A276-471155589D14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD87E3B4-B84F-4D0C-8C9A-9678F12C6D90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3CD52FA-3F1D-4866-B3DC-F510D3707316\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2D4DD6F-245F-4448-B90C-0A213D0F9C42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2072E739-64F3-4AA6-82FB-D1DCB7D44D83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF817538-85D2-4A69-8251-1BD8E77A1529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CA398C2-2AFF-4D98-A571-482D4D915AC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:0.11.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E335419-9EEE-43F3-84EC-DF3335689604\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E627F76-D230-4516-8154-6FC5FA01EDE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F7309F-7FEE-41CE-B3E1-CD123ED94811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C0A5E78-6C4B-46E8-96E8-403C5A73DC9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BBE7381-E2DD-42D2-B54E-63F11D8F8390\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"6565EC39-0D2E-46A9-9F90-D9169D934B93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CE054B5-642F-4CC9-ADDB-D67F35EFA5AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD9E41A1-0914-41E4-8C54-6045E834B770\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"4015BEFE-A4E2-4C57-8CB8-27A0C41269E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"09C548F8-0406-4D6B-99C5-01BC2F103090\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C019AA7-3CA3-4A88-B237-4A65E47D6F14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ory:hydra:1.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9366464B-A56C-440D-ACB1-9E4B879DF789\"}]}]}],\"references\":[{\"url\":\"https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://hackerone.com/reports/456333\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://www.youtube.com/watch?v=RIyZLeKEC8E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://hackerone.com/reports/456333\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://www.youtube.com/watch?v=RIyZLeKEC8E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…