CVE-2022-22969

Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 ...

Continue Reading
(RHSA-2022:2280) Important: OpenShift Container Platform 3.11.705 security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages ...

Continue Reading
Nearly 100,000 NPM Users’ Credentials Stolen in GitHub OAuth Breach

[![](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEibSaL_2onu9HFSkDKS6vpwfAW61CDKj7FffAdrYV-rfMCl0RTqFOAU0q4xUr3YMSKTAo-XMYuwdpQopOtC-PypD36JJ_IPRd-RrsO_yB-TfKWK6RbdnyS9kfb-8BIo0VA8vUV2hs_ ...

Continue Reading
npm security update: Attack campaign using stolen OAuth tokens

On April 15, we published [a blog]() detailing an attack campaign utilizing stolen OAuth user tokens issued to two third-party GitHub.com integrators, Heroku and Travis CI. The npm organization on Git ...

Continue Reading
GitLab 14.7.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Default Password

A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 a ...

Continue Reading
CVE report published for Spring Security OAuth

We have released Spring Security OAuth 2.5.2 to address the following CVE report. * [CVE-2022-22969: Denial-of-Service (DoS) in spring-security-oauth2]() This vulnerability exposes OAuth 2.0 Client ...

Continue Reading
GitLab 7.7.x < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 CSRF

According to its self-reported version, the instance of GitLab running on the remote web server is 7.7.x prior to 14.4.5, 14.5.0 prior to 14.5.3, or 14.6.0 prior to 14.6.2. It is, therefore, affected ...

Continue Reading
GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens

[![GitHub](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjxX2jD8VVilJjQZkcsQwvoW0ZvAYbtJTCbmXDltSql9D4lPJW4bUlaSg9BnGka9yPYv829y-vn5ks9eFbNR9NaZd9WiHUEDQLsczRpWMDIz2fOCNxh-f8tAD_BfMy2zIiFu ...

Continue Reading

Back to Main

Subscribe for the latest news: