github.com/awake1t/linglong is vulnerable to access control bypass. The vulnerability exists in the `jwt.go` due to the hard coded jwt token which allows an attacker to craft a malicious cookie and ga ...
Continue Reading01 июня, 2022
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5451-1 advisory. - InfluxDB before 1.7.6 has an authentication bypas ...
Continue Reading31 мая, 2022
A Python implementation of JSON Web Token draft 01. This library provides a means of representing signed content using JSON data structures, including claims to be transferred between two parties enco ...
Continue Reading30 мая, 2022
A DoS vulnerability in the crypto/elliptic implementations of the P-521 and P-384 elliptic curves may let an attacker craft inputs that consume excessive amounts of CPU. These inputs might be delivere ...
Continue Reading30 мая, 2022
PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT ...
Continue Reading30 мая, 2022
## Problem Description NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled. The NATS accounts system has expiration timestamps on credential ...
Continue Reading30 мая, 2022
### Impact Several vulnerabilities have been reported in the `time` and `chrono` crates related to handling of calls to `localtime_r`. You can follow some of the discussions [here](https://github.com/ ...
Continue Reading30 мая, 2022
NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have Incorrect Access Control because Import Token bindings are mishandled.Read More ...
Continue Reading30 мая, 2022
Back to Main