GHSA-jhmr-57cj-q6g9: Komari vulnerable to 2FA Authentication Bypass
Logic error in 2FA verification condition allows bypass of two-factor authentication
References
- github.com/advisories/GHSA-jhmr-57cj-q6g9
- github.com/komari-monitor/komari
- github.com/komari-monitor/komari/blob/bd5a6934e1b79a12cf1e6a9bba5372d0e04f3abc/api/login.go
- github.com/komari-monitor/komari/commit/cc3d54bff4c6495beaa1c7483379cd04542c557f
- github.com/komari-monitor/komari/releases/tag/1.0.4-fix1
- github.com/komari-monitor/komari/security/advisories/GHSA-jhmr-57cj-q6g9
Code Behaviors & Features
Detect and mitigate GHSA-jhmr-57cj-q6g9 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →