FlyteAdmin’s Default OAuth Authorization Server secret must be rotated

### Impact Users who enable the default [Flyte’s authorization server](https://docs.flyte.org/en/latest/deployment/cluster_config/auth_setup.html#oauth2-authorization-server) without changing the de ...

Continue Reading
CVE-2022-39222

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Continue Reading
FlyteAdmin’s Default OAuth Authorization Server secret must be rotated

### Impact Users who enable the default [Flyte’s authorization server](https://docs.flyte.org/en/latest/deployment/cluster_config/auth_setup.html#oauth2-authorization-server) without changing the de ...

Continue Reading
[SECURITY] Fedora 37 Update: python-oauthlib-3.2.1-1.fc37

OAuthLib is a generic utility which implements the logic of OAuth without assuming a specific HTTP request object or web framework. Use it to graft OAuth client support onto your favorite HTTP library ...

Continue Reading

CVSS3 - MEDIUM

A week in security (September 26 – October 2)

Last week on Malwarebytes Labs: * [Why (almost) everything we told you about passwords was wrong]() * [Two new Exchange Server zero-days in the wild]() * [Local government cybersecurity: 5 best ...

Continue Reading
Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code

### Impact Dex instances with public clients (and by extension, clients accepting tokens issued by those Dex instances) are affected by this vulnerability. An attacker can exploit this vulnerability b ...

Continue Reading
Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code

### Impact Dex instances with public clients (and by extension, clients accepting tokens issued by those Dex instances) are affected by this vulnerability. An attacker can exploit this vulnerability b ...

Continue Reading
Security Bulletin: Multiple vulnerabilities in React, webpack and Node.js modules affect Tivoli Netcool/OMNIbus WebGUI

## Summary Fix is available for vulnerabilities in React, webpack and Node.js modules affecting Tivoli Netcool/OMNIbus WebGUI. The modules are used by Tivoli Netcool/OMNIbus WebGUI as part of its web ...

Continue Reading

CVSS3 - CRITICAL

CVSS2 - HIGH

Back to Main

Subscribe for the latest news:
Generated by Feedzy