The CHECK command in Cosign 2.0.1 and previous versions allows remote malicious users to bypass authentication requirements via CR (\r) sequences in the cosign cookie parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cosign cosign 0.7.0 |
||
cosign cosign 1.7 |
||
cosign cosign 1.8 |
||
cosign cosign 1.5 |
||
cosign cosign 1.6 |
||
cosign cosign 0.8.0 |
||
cosign cosign 0.9.0 |
||
cosign cosign 1.8.5 |
||
cosign cosign 1.9 |
||
cosign cosign 1.0 |
||
cosign cosign 1.1 |
||
cosign cosign 2.0.1 |