Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences %2F and %5C in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with es ...
Continue Reading
February 01, 2024
Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences %2F and %5C in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with es ...
Continue Reading
February 01, 2024
Envoy is a cloud-native high-performance edge/middle/service proxy. In Envoy version 1.17.0 an attacker can bypass authentication by presenting a JWT token with an issuer that is not in the provider l ...
Continue Reading
February 01, 2024
Envoy is a cloud-native high-performance edge/middle/service proxy. In Envoy version 1.17.0 an attacker can bypass authentication by presenting a JWT token with an issuer that is not in the provider l ...
Continue Reading
February 01, 2024
NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have Incorrect Access Control because Import Token bindings are...Read More ...
Continue Reading
February 01, 2024
NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have Incorrect Access Control because Import Token bindings are...Read More ...
Continue Reading
February 01, 2024
A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT...Read More ...
Continue Reading
February 01, 2024
A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT...Read More ...
Continue Reading
February 01, 2024
Back to Main
