Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT t ...
Continue Reading
September 19, 2024
Summary Hello dragonfly maintainer team, I would like to report a security issue concerning your JWT feature. Details Dragonfly uses JWT to verify user. However, the secret key for JWT, "Se ...
Continue Reading
September 19, 2024
trivy was updated to fix the following issues: Update to version 0.54.1: fix(flag): incorrect behavior for deprected flag --clear-cache [backport: release/v0.54] (#7285) fix(java): Return error when ...
Continue Reading
September 19, 2024
trivy was updated to fix the following issues: Update to version 0.54.1: fix(flag): incorrect behavior for deprected flag --clear-cache [backport: release/v0.54] (#7285) fix(java): Return error when ...
Continue Reading
September 19, 2024
A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service...Re ...
Continue Reading
September 16, 2024
An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to s ...
Continue Reading
September 15, 2024
Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low la ...
Continue Reading
September 15, 2024
An improper access control vulnerability exists in lunary-ai/lunary at the latest commit (a761d83) on the main branch. The vulnerability allows an attacker to use the auth tokens issued by the 'i ...
Continue Reading
September 15, 2024
Back to Main
