GHSA-x883-2vmg-xwf7: Authelia's Group Changes may not have the expected results (YAML file backend)

April 22, 2024

Under very specific conditions changes to a users groups may not have the expected results.

The specific conditions are:

References

github.com/advisories/GHSA-x883-2vmg-xwf7
github.com/authelia/authelia
github.com/authelia/authelia/blob/v4.37.5/internal/handlers/handler_verify.go
github.com/authelia/authelia/security/advisories/GHSA-x883-2vmg-xwf7

Code Behaviors & Features

Detect and mitigate GHSA-x883-2vmg-xwf7 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →