### Impact An attacker with sufficient client-side exploits could retrieve a valid access token for another user during the OAuth token exchange due to incorrect credential validation. The client ID m ...
Continue Reading
09 августа, 2023
Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to version 23.7.2, an attacker with sufficient client-side exploits could retrieve a valid access ...
Continue Reading
09 августа, 2023
An update is available for module.mod_auth_openidc, cjose, module.cjose, mod_auth_openidc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a det ...
Continue Reading
09 августа, 2023
[]() Microsoft on Friday disclosed that it has addressed a critical ...
Continue Reading
05 августа, 2023
In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosu ...
Continue Reading
03 августа, 2023
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
Continue Reading
02 августа, 2023
Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be use ...
Continue Reading
02 августа, 2023
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
Continue Reading
02 августа, 2023
Back to Main
