The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
Continue Reading
August 02, 2023
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
Continue Reading
August 02, 2023
GitLab Authentication Plugin 1.17.1 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability ...
Continue Reading
August 01, 2023
The plugin does not have authorisation in various AJAX actions, which could allow users with a role as low as Subscriber to call them and perform unauthorised actionsRead More ...
Continue Reading
July 27, 2023
GitLab Authentication Plugin 1.17.1 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability ...
Continue Reading
July 27, 2023
OpenID Connect is an identity layer on top of the OAuth 2.0 protocol which aims to determine the provider URL for an end user. By leveraging the `/.well-known/webfinger` endpoint, it is sometimes poss ...
Continue Reading
July 26, 2023
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Storm-0558, a China-based threat actor with espionage objectives, has been targeting email data from approx ...
Continue Reading
July 24, 2023
Grafana is vulnerable to authentication bypass vulnerability. The vulnerability is specififc to Grafana deployments configured to use Azure AD OAuth for user authentication with a multi-tenant Azure a ...
Continue Reading
July 22, 2023
Back to Main
