Tolgee is an open-source localization platform. When API key created by admin user is used it bypasses the permission check at all. This error was introduced in v3.57.2 and immediately fixed in...Read ...
Continue Reading
April 19, 2024
Tolgee is an open-source localization platform. For the /v2/projects/translations and /v2/projects/{projectId}/translations endpoints, translation data was returned even when API key was missing trans ...
Continue Reading
April 19, 2024
...Read More ...
Continue Reading
April 19, 2024
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateIntern ...
Continue Reading
April 18, 2024
源码中密码校验处使用 != 符号,而不是hmac.Equal,这可能导致产生计时攻击漏洞,从而爆破密码。 建议使用 hmac.Equal...Read More ...
Continue Reading
April 18, 2024
Summary IBM Sterling B2B Integrator uses Apache Commons BeanUtils. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID: CVE-2014-0114 DESCRIPTION ...
Continue Reading
April 18, 2024
Summary IBM Aspera Faspex 5.0.8 has addressed multiple encryption vulnerabilities (CVE-2023-22869, CVE-2023-37396, CVE-2023-27279, CVE-2023-37395, CVE-2023-37397, CVE-2022-40745) Vulnerability Details ...
Continue Reading
April 18, 2024
Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "no ...
Continue Reading
April 18, 2024
Back to Main
