(RHSA-2022:8506) Important: Satellite 6.12 Release

Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized too ...

CVSS3 - CRITICAL

CVSS2 - HIGH

CVE-2022-39366

DataHub is an open-source metadata platform. Prior to version 0.8.45, the `StatelessTokenService` of the DataHub metadata service (GMS) does not verify the signature of JWT tokens. This allows an atta ...

CVSS3 - CRITICAL

acryl-datahub missing JWT signature check

# Missing JWT signature check (`GHSL-2022-078`) The [`StatelessTokenService`](https://github.com/datahub-project/datahub/blob/aa146db611e3a4ca3aa17bb740783f789d4444d3/metadata-service/auth-impl/src/ma ...

CVSS3 - CRITICAL

CVE-2022-44796

An issue was discovered in Object First 1.0.7.712. The authorization service has a flow that allows getting access to the Web UI without knowing credentials. For signing, the JWT token uses a secret k ...

CVSS3 - CRITICAL

TeamFiltration – Cross-Platform Framework For Enumerating, Spraying, Exfiltrating, And Backdooring O365 AAD Accounts

FreeBSD : Grafana — Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins (6f6c9420-6297-11ed-9ca2-6c3be5272acd)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6f6c9420-6297-11ed-9ca2-6c3be5272acd advisory. - Gr ...

CVE-2022-31130

Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could leak authentication tokens to some destination plugins under ...
