Ceph vulnerability

Releases Ubuntu 24.10 Ubuntu 24.04 LTS Ubuntu 22.04 LTS Packages ceph - distributed storage and file system Details It was discovered that Ceph incorrectly handled unsupported JWT algorithms in t ...

Continue Reading
ceph vulnerability

It was discovered that Ceph incorrectly handled unsupported JWT algorithms in the RadosGW gateway. An attacker could possibly use this issue to bypass certain authentication checks and...Read More ...

Continue Reading
CVE-2024-13111 Beijing Yunfan Internet Technology Yunfan Learning Examination System JWT Token SysUserControl improper authentication

A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file ...

Continue Reading
CVE-2024-13111 Beijing Yunfan Internet Technology Yunfan Learning Examination System JWT Token SysUserControl improper authentication

A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file ...

Continue Reading
CVE-2024-13111

A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file ...

Continue Reading
CVE-2024-13111

A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file ...

Continue Reading
CVE-2024-43441 Apache HugeGraph-Server: Fixed JWT Token(Secret)

Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to versi ...

Continue Reading
CVE-2024-48916

A vulnerability in the Ceph Rados Gateway (RadosGW) OIDC provider allows attackers to bypass JWT signature verification by supplying a token with "none" as the algorithm (alg). This ...

Continue Reading

Back to Main

Subscribe for the latest news: