CVE-2023-34246

NameCVE-2023-34246
DescriptionDoorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot be assured. This issue is fixed in version 5.6.6.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3494-1, DLA-3989-1
Debian Bugs1038950

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ruby-doorkeeper (PTS)bullseye5.3.0-2vulnerable
bullseye (security)5.3.0-2+deb11u1fixed
bookworm5.5.0-2vulnerable
sid, trixie5.6.6-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ruby-doorkeepersourceexperimental5.6.6-1
ruby-doorkeepersourcebuster4.4.2-1+deb10u1DLA-3494-1
ruby-doorkeepersourcebullseye5.3.0-2+deb11u1DLA-3989-1
ruby-doorkeepersource(unstable)5.6.6-21038950

Notes

[bookworm] - ruby-doorkeeper <no-dsa> (Minor issue)
https://github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-7w2c-w47h-789w
https://github.com/doorkeeper-gem/doorkeeper/issues/1589
https://github.com/doorkeeper-gem/doorkeeper/pull/1646
Fixed by: https://github.com/doorkeeper-gem/doorkeeper/commit/f202079baac4c978a01ccc9a45d78fde368ac907 (v5.6.6)

Search for package or bug name: Reporting problems