Cockpit Content Platform through version 2.2.1 is vulnerable to a two-factor authentication (2FA) bypass. The 2FA secret is disclosed in a JWT token after user logs into their account, allowing an att ...
Continue Reading
18 августа, 2022
The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5526-2 advisory. Note that Nessus has not tested for this issue but has instead re ...
Continue Reading
18 августа, 2022
USN-5526-1 fixed vulnerabilities in PyJWT. Unfortunately this caused a regression by incrementing the internal package version number on Ubuntu 22.04 LTS. This update fixes the problem. We apologize f ...
Continue Reading
16 августа, 2022
# Description 2FA secret is disclosed in JWT token after user logs into his account in Cockpit Content Platform ? v2.2.1 allowing attacker to bypass the 2FA code. # Proof of Concept 1.Login with your ...
Continue Reading
12 августа, 2022
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5894 advisory. - minimist: prototype pollution (CVE-2021 ...
Continue Reading
09 августа, 2022
PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT ...
Continue Reading
04 августа, 2022
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 is a ...
Continue Reading
03 августа, 2022
Golang implementation of json web tokens (jwt).Read More ...
Continue Reading
30 июля, 2022
Back to Main
