{"id":"CVE-2021-45890","details":"basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive identifier.","modified":"2026-04-12T03:55:53.492120Z","published":"2021-12-27T20:15:07.480Z","references":[{"type":"ADVISORY","url":"https://github.com/AuthGuard/AuthGuard/compare/v0.8.0...v0.9.0"},{"type":"REPORT","url":"https://github.com/AuthGuard/AuthGuard/issues/166"},{"type":"FIX","url":"https://github.com/AuthGuard/AuthGuard/commit/9783b1143da6576028de23e15a1f198b1f937b82"},{"type":"FIX","url":"https://github.com/AuthGuard/AuthGuard/pull/181"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/AuthGuard/AuthGuard","events":[{"introduced":"0"},{"fixed":"d8fb797b20c39719c70132d4c83e656521e471ad"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"0.9.0"}],"cpe":"cpe:2.3:a:authguard_project:authguard:*:*:*:*:*:*:*:*","source":"CPE_FIELD"}}],"versions":["0.3.0","v0.6.0","v0.6.1","v0.7.0","v0.8.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-45890.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/authguard/authguard","events":[{"introduced":"0"},{"fixed":"9783b1143da6576028de23e15a1f198b1f937b82"}],"database_specific":{"source":"REFERENCES"}}],"versions":["0.3.0","v0.6.0","v0.6.1","v0.7.0","v0.8.0"],"database_specific":{"vanir_signatures":[{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["167451568374590941642638019719435585980","244461828869912855486190070844818968020","110533295592723580884075625693817486629","6727291960660647492694646324850011975","195524628311366956063717402381845051477","70824970217294445646298249717423644273","239757304757888333073196595667093680713"]},"target":{"file":"basic-auth/src/test/java/com/nexblocks/authguard/basic/BasicAuthProviderTest.java"},"signature_type":"Line","source":"https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82","signature_version":"v1","id":"CVE-2021-45890-3716e3c1"},{"deprecated":false,"digest":{"function_hash":"156748055427572707027455893573753558502","length":607},"target":{"function":"verifyCredentialsAndGetAccount","file":"basic-auth/src/main/java/com/nexblocks/authguard/basic/BasicAuthProvider.java"},"signature_type":"Function","source":"https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82","signature_version":"v1","id":"CVE-2021-45890-37777aba"},{"deprecated":false,"digest":{"function_hash":"31423526453879081218906602053074544697","length":326},"target":{"function":"verifyCredentialsAndGetAccount","file":"basic-auth/src/main/java/com/nexblocks/authguard/basic/BasicAuthProvider.java"},"signature_type":"Function","source":"https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82","signature_version":"v1","id":"CVE-2021-45890-7f9b402a"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["30339207016731526823475821203145998952","237493918917445117086843407447476730824","195696297985794415947037894285166722498","59030671861724921690586633073770806895"]},"target":{"file":"service-api/src/main/java/com/nexblocks/authguard/service/exceptions/codes/ErrorCode.java"},"signature_type":"Line","source":"https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82","signature_version":"v1","id":"CVE-2021-45890-8f69176a"},{"deprecated":false,"digest":{"function_hash":"313821238547583351448578767452514814025","length":1023},"target":{"function":"authenticate","file":"basic-auth/src/test/java/com/nexblocks/authguard/basic/BasicAuthProviderTest.java"},"signature_type":"Function","source":"https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82","signature_version":"v1","id":"CVE-2021-45890-c185195a"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["201559486459685630455182539774519015215","305309987987366996116947124261328106850","25689703975335259379157252414779480968","46124762262897755457166005675124312426"]},"target":{"file":"service-api/src/main/java/com/nexblocks/authguard/service/model/UserIdentifier.java"},"signature_type":"Line","source":"https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82","signature_version":"v1","id":"CVE-2021-45890-e0fddcc2"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["22214750003900349557462986305969541362","126448820680283142044260122981539736148","92373096140101911942297410542047478189","61481259893629621771726770020027193290","174772473666014353802964198251701151796","179700644048307070213302642732886322410","217235780360665246504306858829811732265","323853222717439550910662091304485431350","296652433523478802321946300034504237957","146000067014268965655070353432237092140","234040505066537207772850258631597931717","332694152203992319604560548049949212272","136872266342728900586140003671738504004","325681963130043785140076653370785752449","108015144445120882093882979612440175278","218403671869182823479685485069552104671","311723854284278882750727088753999027533","325039254501209277499457548022885147493"]},"target":{"file":"basic-auth/src/main/java/com/nexblocks/authguard/basic/BasicAuthProvider.java"},"signature_type":"Line","source":"https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82","signature_version":"v1","id":"CVE-2021-45890-e992fe6f"}],"vanir_signatures_modified":"2026-04-12T03:55:53Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-45890.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}