CVE-2023-27584 Dragonfly2 vulnerable to hard coded cyptographic key

Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT t ...

Continue Reading
CVE-2023-27584 Dragonfly2 vulnerable to hard coded cyptographic key

Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT t ...

Continue Reading
CVE-2023-27584

Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT t ...

Continue Reading
Dragonfly2 has hard coded cyptographic key

Summary Hello dragonfly maintainer team, I would like to report a security issue concerning your JWT feature. Details Dragonfly uses JWT to verify user. However, the secret key for JWT, "Se ...

Continue Reading
Security update for trivy

trivy was updated to fix the following issues: Update to version 0.54.1: fix(flag): incorrect behavior for deprected flag --clear-cache [backport: release/v0.54] (#7285) fix(java): Return error when ...

Continue Reading
Security update for trivy

trivy was updated to fix the following issues: Update to version 0.54.1: fix(flag): incorrect behavior for deprected flag --clear-cache [backport: release/v0.54] (#7285) fix(java): Return error when ...

Continue Reading
CVE-2023-52428

A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service...Re ...

Continue Reading
CVE-2024-8754

An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to s ...

Continue Reading

Back to Main

Subscribe for the latest news: