| Release | Version |
|---|---|
| stretch | 4.2.0-3 |
| buster | 4.4.2-1 |
| buster (security) | 4.4.2-1+deb10u1 |
| bullseye | 5.3.0-2 |
| bookworm | 5.5.0-2 |
| trixie | 5.6.6-2 |
| sid | 5.6.6-2 |
| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-34246 | vulnerable | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to ... |
| CVE-2018-1000211 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | Doorkeeper version 4.2.0 and later contains a Incorrect Access Control ... |
| CVE-2018-1000088 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | Doorkeeper version 2.1.0 through 4.2.5 contains a Cross Site Scripting ... |
| Bug | Description |
|---|---|
| CVE-2020-10187 | Doorkeeper version 5.0.0 and later contains an information disclosure ... |
| CVE-2016-6582 | The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers ... |
| DSA / DLA | Description |
|---|---|
| DLA-3494-1 | ruby-doorkeeper - security update |