github.com/flipped-aurora/gin-vue-admin is vulnerable to SQL injection. The vulnerability exists due to insecure handling of special elements used in an PostgreSQL Command in `server/service/system/sy ...
Continue Reading
May 30, 2022
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sys_auto_co ...
Continue Reading
May 30, 2022
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1276 advisory. - golang.org/x/text: Panic in language.Pa ...
Continue Reading
May 30, 2022
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1275 advisory. - envoy: Null pointer dereference when us ...
Continue Reading
May 30, 2022
pyjwt is vulnerable to authentication bypass. The library permits an attacker submitting a JWT token to choose which algorithms are used when signing in, enabling non-blocklisted, but weak public key ...
Continue Reading
May 30, 2022
PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT ...
Continue Reading
May 30, 2022
### Impact _What kind of vulnerability is it? Who is impacted?_ Disclosed by Aapo Oksman (Senior Security Specialist, Nixu Corporation). > PyJWT supports multiple different JWT signing algorithms. ...
Continue Reading
May 30, 2022
github.com/argoproj/argo-cd is vulnerable to user impersonation. An attacker is able to send an invalid JSON Web Token (JWT) along with a request if anonymous access to the Argo CD instance is enabled ...
Continue Reading
May 30, 2022
Back to Main
