Pixelfed doesn’t check OAuth Scopes in API routes, giving elevated permissions

Summary: When processing requests, authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and m ...

(RHSA-2024:0778) Important: Jenkins and Jenkins-2-plugins security update

Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Security Fix(es): apache-commons-text: variable interpo ...

Spring Tips: Spring Boot Testjars

Hi, Spring fans! In this installment we look at the brand new Spring Boot Testjars project, which greatly simplifies standing up and reusing satellite Java-based services like other Spring Boot-based ...

Authentication flaw

Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted ...

CVE-2023-40545

Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted ...

Authorization

Nextcloud server is a self hosted personal cloud system. In affected versions OAuth codes did not expire. When an attacker would get access to an authorization code they could authenticate at any time ...

The many ways electric cars are vulnerable to hacks, and whether that matters in a real-world

I'd hate to be labeled a "car guy" now mentioning my new electric car in the lede of two newsletters in a row, but I couldn't resist. I'd been reading headlines for ye ...
