SUSE SLES15 Security Update : python-PyJWT (SUSE-SU-2022:3545-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:3545-1 advisory. - PyJWT is a Python implementation of RFC 7519. PyJW ...

Continue Reading
generator-jhipster vulnerable to login check Regular Expression Denial of Service

### Impact For applications using JWT or session-based authentication (not OIDC), users can input a login string which can cause a denial of service, as parsing it will be too complex. Here is an exam ...

Continue Reading
(RHSA-2022:6821) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves ...

Continue Reading

CVSS3 - HIGH

CVSS2 - MEDIUM

(RHSA-2022:6822) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves ...

Continue Reading

CVSS3 - HIGH

CVSS2 - MEDIUM

(RHSA-2022:6823) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves ...

Continue Reading

CVSS3 - HIGH

CVSS2 - MEDIUM

CVE-2022-36083

(JOSE is "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS w ...)Read More ...

Continue Reading

CVSS3 - MEDIUM

Denial Of Service (DOS)

Consul is vulnerable to authorization denial of service. Due to incorrectly validating JWT characters, an attacker can continually request TLS certificates and ACL tokens. This unnecessary information ...

Continue Reading

CVSS3 - HIGH

Authentication Bypass

python-jwt is vulnerable to authentication bypass. An attacker can spoof the other user's identities and hijack their sessions by obtaining the JWT token and arbitrarily forging its contents without k ...

Continue Reading

Back to Main

Subscribe for the latest news:
Generated by Feedzy