Newton's Preposterous Miscalculation
keystone

Authentication Weakness

Severity: low

Overview

Versions of keystone prior to 0.3.16 are affected by a partial authentication bypass vulnerability. In the default sign in functionality, if an attacker provides a full and correct password, yet only provides part of the associated email address, authentication will be granted.

Remediation

Update to version 0.3.16 or later.

Vulnerable versions

0.0.9
5 years ago
0.0.10
5 years ago
0.0.11
5 years ago
0.0.12
5 years ago
0.0.13
5 years ago
0.0.14
5 years ago
0.0.15
5 years ago
0.0.16
5 years ago
0.0.17
5 years ago
0.0.18
5 years ago
0.0.19
5 years ago
0.0.20
5 years ago
0.0.21
5 years ago
0.0.22
5 years ago
0.0.23
5 years ago
0.0.24
5 years ago
0.0.25
5 years ago
0.0.26
5 years ago
0.0.27
5 years ago
0.0.28
5 years ago
0.0.29
5 years ago
0.0.30
5 years ago
0.0.31
5 years ago
0.0.32
5 years ago
0.0.33
5 years ago
0.0.34
5 years ago
0.0.35
5 years ago
0.0.36
5 years ago
0.0.37
5 years ago
0.0.38
5 years ago
0.0.39
5 years ago
0.0.40
5 years ago
0.0.41
5 years ago
0.0.42
5 years ago
0.0.43
5 years ago
0.1.0
5 years ago
0.1.1
5 years ago
0.1.2
5 years ago
0.1.3
5 years ago
0.1.4
5 years ago
0.1.5
5 years ago
0.1.6
5 years ago
0.1.7
5 years ago
0.1.8
5 years ago
0.1.9
5 years ago
0.1.10
5 years ago
0.1.11
5 years ago
0.1.12
5 years ago
0.1.13
5 years ago
0.1.14
5 years ago
0.1.15
5 years ago
0.1.16
5 years ago
0.1.17
5 years ago
0.1.18
5 years ago
0.1.19
5 years ago
0.1.20
5 years ago
0.1.21
5 years ago
0.1.22
5 years ago
0.1.23
5 years ago
0.1.24
5 years ago
0.1.25
5 years ago
0.1.26
5 years ago
0.1.27
5 years ago
0.1.28
5 years ago
0.1.29
5 years ago
0.1.30
5 years ago
0.1.31
5 years ago
0.1.32
5 years ago
0.1.33
5 years ago
0.1.34
5 years ago
0.1.35
5 years ago
0.1.36
5 years ago
0.1.37
5 years ago
0.1.38
5 years ago
0.1.39
5 years ago
0.1.40
5 years ago
0.1.41
5 years ago
0.1.42
5 years ago
0.1.43
5 years ago
0.1.44
5 years ago
0.1.45
5 years ago
0.1.46
5 years ago
0.1.47
5 years ago
0.1.48
5 years ago
0.1.49
5 years ago
0.1.50
5 years ago
0.1.51
5 years ago
0.1.52
5 years ago
0.1.53
5 years ago
0.1.54
5 years ago
0.1.55
5 years ago
0.2.0
5 years ago
0.2.1
5 years ago
0.2.2
5 years ago
0.2.3
5 years ago
0.2.4
5 years ago
0.2.5
4 years ago
0.2.6
4 years ago
0.2.7
4 years ago
0.2.8
4 years ago
0.2.9
4 years ago
0.2.10
4 years ago
0.2.11
4 years ago
0.2.12
4 years ago
0.2.13
4 years ago
0.2.14
4 years ago
0.2.15
4 years ago
0.2.16
4 years ago
0.2.17
4 years ago
0.2.18
4 years ago
0.2.19
4 years ago
0.2.20
4 years ago
0.2.21
4 years ago
0.2.22
4 years ago
0.2.23
4 years ago
0.2.24
4 years ago
0.2.25
4 years ago
0.2.26
4 years ago
0.2.27
4 years ago
0.2.28
4 years ago
0.2.29
4 years ago
0.2.30
4 years ago
0.2.31
4 years ago
0.2.32
4 years ago
0.2.33
4 years ago
0.2.34
4 years ago
0.2.35
4 years ago
0.2.36
4 years ago
0.2.37
4 years ago
0.2.38
4 years ago
0.2.39
4 years ago
0.2.40
4 years ago
0.2.41
4 years ago
0.2.42
4 years ago
0.3.0
4 years ago
0.3.1
4 years ago
0.3.2
3 years ago
0.3.3
3 years ago
0.3.4
3 years ago
0.3.5
3 years ago
0.3.6
3 years ago
0.3.7
3 years ago
0.3.8
3 years ago
0.3.9
3 years ago
0.3.10
3 years ago
0.3.11
3 years ago
0.3.12
3 years ago
0.3.13
3 years ago
0.3.14
3 years ago
0.3.15
3 years ago

Unaffected versions

0.3.16
3 years ago
0.3.17
2 years ago
0.3.18
2 years ago
0.3.19
2 years ago
0.3.20
2 years ago
0.3.21
2 years ago
0.3.22
2 years ago
4.0.0-beta.1
2 years ago
4.0.0-beta.2
2 years ago
4.0.0-beta.3
2 years ago
4.0.0-beta.4
2 years ago
4.0.0-beta.5
2 years ago
4.0.0-beta.7
10 months ago
4.0.0-beta.8
7 months ago
4.0.0-rc.0
2 months ago
4.0.0-rc.1
a month ago
4.0.0
21 days ago

Advisory timeline

  1. Published

    Advisory published
    Dec 4th, 2015
  2. Reported

    Initial report by Greg Meyer
    Dec 4th, 2015