Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the OAuth filter assumes that a `state` query param ...
May 01, 2023
A flaw was found in Envoy. If Envoy is running with the OAuth filter enabled, a malicious actor could construct a request which would cause denial of service, crashing Envoy.
May 01, 2023
> **April 2023 update** - Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. **MERCURY** is now tracked as **Mango Sandstorm** ...
May 01, 2023
# Description If you visit https://nuxt.com, you will find a hardcoded GitHub token in the source code of the page - `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`. This token has access to multiple reposit ...
May 01, 2023
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.15. It is, therefore, affected by multiple vulnerabilities including the ...
May 01, 2023
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-cb20f08a4e advisory. - A maliciously crafted HTTP/2 stream could cause excessiv ...
May 01, 2023
A library for performing OAuth Device flow and Web application flow in Go client apps.
May 01, 2023