Latest version: v7.0.0
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2024-45793 | 73295 |
Confidant affected versions contain a critical Cross-Site Scripting (… |
|
- | - |
| PVE-2025-75464 | 75464 |
Confidant fixes potential XSS from API call by enforcing strict HTTP … |
|
- | - |
| PVE-2021-38560 | 38560 |
Confidant 6.3.0 adds support for keeping track of when credentials sh… |
|
- | - |
| PVE-2021-39195 | 45041 |
In confidant 5.0.0 updates its dependency 'lxml' to v4.4.1 to include… |
|
HIDDEN | X.Y |
| CVE-2018-18074 | 45035 |
In confidant 5.0.0 updates its dependency 'requests' to a version >=2… |
|
HIGH | 7.5 |
| CVE-2018-1000807 | 37471 |
Confidant 5.0.0 updates its dependency 'pyopenssl' to v19.0.0 to incl… |
|
HIGH | 8.1 |
| CVE-2018-1000656 | 45034 |
In confidant 5.0.0 updates its dependency 'flask' to v1.1.1 to includ… |
|
HIGH | 7.5 |
| CVE-2018-1000808 | 45032 |
In confidant 5.0.0 updates its dependency 'pyopenssl' to v19.0.0 to i… |
|
MEDIUM | 5.9 |
| CVE-2019-14806 | 45043 |
Confidant 5.0.0 updates its dependency 'werkzeug' to v0.15.6 to inclu… |
|
HIGH | 7.5 |
| CVE-2019-10906 | 45039 |
Confidant 5.0.0 updates its dependency 'jinja2' to v2.10.1 to include… |
|
HIGH | 8.6 |
| CVE-2019-1010083 | 45033 |
In confidant 5.0.0 updates its dependency 'flask' to v1.1.1 to includ… |
|
HIGH | 7.5 |
| CVE-2018-19787 | 45040 |
In confidant 5.0.0 updates its dependency 'lxml' to v4.4.1 to include… |
|
MEDIUM | 6.1 |
| PVE-2021-39454 | 45042 |
In confidant 5.0.0 updates its dependency 'python3-saml' to v1.8.0 to… |
|
HIDDEN | X.Y |
| CVE-2018-1000164 | 45037 |
In confidant 5.0.0 updates its dependency 'gunicorn' to a version >=1… |
|
HIGH | 7.5 |
| CVE-2017-18342 | 45036 |
In confidant 5.0.0 updates its dependency 'pyyaml' to v5.1.2 to inclu… |
|
CRITICAL | 9.8 |
| PVE-2021-40103 | 45038 |
In confidant 5.0.0 updates its dependency 'gunicorn' to a version >=1… |
|
HIDDEN | X.Y |
| CVE-2016-1000252 | 38505 |
Confidant 1.6.0 updates python-saml to address CVE-2016-1000252. |
|
HIGH | 7.5 |
| PVE-2021-25668 | 25668 |
confidant 1.1.14 contains a security fix: While preparing for the 1.1… |
|
- | - |
| PVE-2021-26670 | 26670 |
Confidant 1.1.13 includes a security fix. It was discovered when addi… |
|
- | - |
| CVE-2016-5180 | 38504 |
Confidant 1.10.0 upgrade 'gevent' and 'greenlet' dependencies to fix … |
|
CRITICAL | 9.8 |