The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5529 advisory. Note that Nessus has not tested for this issue but has instead relied only ...
Continue Reading
December 15, 2023
light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token.Read More ...
Continue Reading
December 15, 2023
Summary The json-web-token library is vulnerable to a JWT algorithm confusion attack. Details On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT t ...
Continue Reading
December 15, 2023
Summary The json-web-token library is vulnerable to a JWT algorithm confusion attack. Details On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT t ...
Continue Reading
December 15, 2023
- ------------------------------------------------------------------------- Debian Security Advisory DSA-5529-1 [email protected] https://www.debian.org/security/ ...
Continue Reading
December 15, 2023
JWT tokens signed using NKeys for Ed25519 for the NATS...Read More ...
Continue Reading
December 15, 2023
Impact If successful login attempts are recorded, the raw tokens are stored in the log table. If a malicious person somehow views the data in the log table, he or she can obtain a raw token, which can ...
Continue Reading
December 15, 2023
The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-6b89bc0305 advisory. Contains updates to address CVE-2022-{28357,41717} and also ...
Continue Reading
December 15, 2023
Back to Main
