Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:gem/doorkeeper@1.3.1
purl pkg:gem/doorkeeper@1.3.1
Next non-vulnerable version 5.6.6
Latest non-vulnerable version 5.6.6
Risk 3.1
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-bss3-b2mz-gyg6
Aliases:
CVE-2023-34246
GHSA-7w2c-w47h-789w
Doorkeeper Improper Authentication vulnerability OAuth RFC 8252 says https://www.rfc-editor.org/rfc/rfc8252#section-8.6 > the authorization server SHOULD NOT process authorization requests automatically without user consent or interaction, except when the identity of the client can be assured. **This includes the case where the user has previously approved an authorization request for a given client id** But Doorkeeper automatically processes authorization requests without user consent for public clients that have been previously approved. Public clients are inherently vulnerable to impersonation, their identity cannot be assured. Issue https://github.com/doorkeeper-gem/doorkeeper/issues/1589 Fix https://github.com/doorkeeper-gem/doorkeeper/pull/1646
5.6.6
Affected by 0 other vulnerabilities.
VCID-jqsd-ye8h-hfd1
Aliases:
CVE-2018-1000211
GHSA-694m-jhr9-pf77
Incorrect Permission Assignment for Critical Resource Doorkeeper contains a vulnerability in Token revocation API's authorized method that can result in Access tokens are not revoked for public OAuth apps, leaking access until expiry.
4.2.5
Affected by 2 other vulnerabilities.
4.4.0
Affected by 1 other vulnerability.
VCID-unwy-fy1v-9qcr
Aliases:
CVE-2014-8144
GHSA-685w-vc84-wxcx
OSV-116010
Doorkeeper vulnerable to Cross-site Request Forgery Cross-site request forgery (CSRF) vulnerability in doorkeeper before 1.4.1 allows remote attackers to hijack the authentication of unspecified victims for requests that read a user OAuth authorization code via unknown vectors.
1.4.1
Affected by 6 other vulnerabilities.
2.0.0
Affected by 6 other vulnerabilities.
VCID-vfr9-mu8k-rbg5
Aliases:
CVE-2018-1000088
GHSA-hwhh-2fwm-cfgw
XSS on authorization consent view Stored XSS on the OAuth Client's name will cause users being prompted for consent via the `implicit` grant type to execute the XSS payload. The XSS attack could gain access to the user's active session, resulting in account compromise. Any user is susceptible if they click the authorization link for the malicious OAuth client. Because of how the links work, a user cannot tell if a link is malicious or not without first visiting the page with the XSS payload. In addition, there is stored XSS in the `native_redirect_uri` form element.
4.2.6
Affected by 2 other vulnerabilities.
VCID-xa34-b97y-tye5
Aliases:
CVE-2016-6582
GHSA-3m6r-39p3-jq25
Broken token revocation, wrong auth/auth method Doorkeeper failed to implement OAuth Token Revocation (RFC ) in the following ways: Public clients making valid, unauthenticated calls to revoke a token would not have their token revoked Requests were not properly authenticating the *client credentials* but were, instead, looking at the access token in a second location Because of 2, the requests were also not authorizing confidential clients' ability to revoke a given token. It should only revoke tokens that belong to it. The security implication is: OAuth clients who "log out" a user expect to have the corresponding access & refresh tokens revoked, preventing an attacker who may have already hijacked the session from continuing to impersonate the victim. Because of the bug described above, this is not the case. As far as OWASP is concerned, this counts as broken authentication design. MITRE has assigned CVE-2016-6582 due to the security issues raised. An attacker, thanks to 1, can replay a hijacked session after a victim logs out/revokes their token. Additionally, thanks to 2 & 3, an attacker via a compromised confidential client could "grief" other clients by revoking their tokens (albeit this is an exceptionally narrow attack with little value).
4.2.0
Affected by 3 other vulnerabilities.
VCID-ypak-x4hq-6qgt
Aliases:
OSVDB-118830
Sensitive information in production logs The program stores sensitive information in production logs. This may allow a local attacker to gain access to sensitive information.
1.4.2
Affected by 4 other vulnerabilities.
2.1.2
Affected by 4 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-04T20:14:48.493820+00:00 GitLab Importer Affected by VCID-unwy-fy1v-9qcr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/doorkeeper/CVE-2014-8144.yml 38.6.0
2026-06-04T20:13:52.173779+00:00 GitLab Importer Affected by VCID-jqsd-ye8h-hfd1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/doorkeeper/CVE-2018-1000211.yml 38.6.0
2026-06-04T20:07:30.238557+00:00 GitLab Importer Affected by VCID-xa34-b97y-tye5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/doorkeeper/CVE-2016-6582.yml 38.6.0
2026-06-04T20:04:41.273397+00:00 GitLab Importer Affected by VCID-ypak-x4hq-6qgt https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/doorkeeper/OSVDB-118830.yml 38.6.0
2026-06-04T18:14:11.460359+00:00 Ruby Importer Affected by VCID-bss3-b2mz-gyg6 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2023-34246.yml 38.6.0
2026-06-04T18:11:36.022933+00:00 Ruby Importer Affected by VCID-vfr9-mu8k-rbg5 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2018-1000088.yml 38.6.0
2026-06-04T18:09:30.844535+00:00 Ruby Importer Affected by VCID-unwy-fy1v-9qcr https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2014-8144.yml 38.6.0