Github.Com Gravitational Teleport vulnerabilities
2 known vulnerabilities affecting github.com/gravitational_teleport.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2022-36633P2HIGHPoC≥ 0, < 8.3.17≥ 9.0.0, < 9.3.13+1 more2022-08-25
CVE-2022-36633 [HIGH] CWE-20 Improper token validation leading to code execution in Teleport
Improper token validation leading to code execution in Teleport
Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social engineering attack. This is fully unauthentica
ghsaosv
CVE-2025-49825P2CRITICALPoC≥ 17.0.0, < 17.5.2≥ 16.0.0, < 16.5.12+5 more2025-06-16
CVE-2025-49825 [CRITICAL] CWE-863 Teleport allows remote authentication bypass
Teleport allows remote authentication bypass
### Impact
A full technical disclosure and open-source patch will be published after the embargo period, ending on June 30th, to allow all users to upgrade.
Teleport security engineers identified a critical security vulnerability that could allow remote authentication bypass of Teleport.
Teleport Cloud Infrastructure and CI/CD build, test, and release infrastructure are
ghsaosv