python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a &q ...
Continue Reading
April 26, 2024
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a &q ...
Continue Reading
April 26, 2024
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a &q ...
Continue Reading
April 26, 2024
cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by crafting a JWT with an enc header with the value...Read More ...
Continue Reading
April 25, 2024
SpEL Injection in PUT /api/v1/events/subscriptions (GHSL-2023-251) Please note, only authenticated users have access to PUT / POST APIS for /api/v1/policies. Non authenticated users will not be able t ...
Continue Reading
April 24, 2024
SpEL Injection in GET /api/v1/policies/validation/condition/<expr> (GHSL-2023-236) Please note, only authenticated users have access to PUT / POST APIS for /api/v1/policies. Non authenti ...
Continue Reading
April 24, 2024
SpEL Injection in PUT /api/v1/policies (GHSL-2023-252) Please note, only authenticated users have access to PUT / POST APIS for /api/v1/policies. Non authenticated users will not be able to access the ...
Continue Reading
April 24, 2024
SpEL Injection in PUT /api/v1/events/subscriptions (GHSL-2023-251) Please note, only authenticated users have access to PUT / POST APIS for /api/v1/policies. Non authenticated users will not be able t ...
Continue Reading
April 24, 2024
Back to Main
