GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
package
Version:
v1.87.5
Opens a new window with list of versions in this module.
Published: Dec 20, 2022
License: Apache-2.0
Opens a new window with license information.
Imports: 7
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
-
func NewCA() (*rsa.PrivateKey, []byte, error)
-
func NewClient(caPrivKey *rsa.PrivateKey, ca []byte, user string) (*rsa.PrivateKey, []byte, error)
-
func NewNode(caPrivKey *rsa.PrivateKey, ca []byte, namespace string, clusterDns string) (*rsa.PrivateKey, []byte, error)
Source Files
¶
Click to show internal directories.
Click to hide internal directories.