New capabilities to help you secure your AI transformation

AI is transforming our world, unlocking new possibilities to enhance human abilities and to extend opportunities globally. At the same time, we are also facing an unprecedented threat landscape with t ...

sensiolabs/connect has a Cross-Site Request Forgery Vulnerability

Versions of sensiolabs/connect prior to 4.2.3 are affected by a Cross-Site Request Forgery (CSRF) vulnerability due to the absence of the state parameter in OAuth requests. The lack of proper state pa ...

GitLab 13.3 < 13.3.4 (CVE-2020-13300)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without ...

GitLab 12.3 < 13.0.12 / 13.1 < 13.1.6 / 13.2 < 13.2.3 (CVE-2020-13292)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is r ...

GitLab 12.3 < 12.9.8 / 12.10 < 12.10.7 / 13.0 < 13.0.1 (CVE-2020-13272)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: OAuth flow missing verification checks CE/EE 12.3 and later through 13.0.1 allows unverified user to use ...

GitLab 7.7 < 13.1.10 / 13.2 < 13.2.8 / 13.3 < 13.3.4 (CVE-2020-13312)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab OAuth endpoi ...

Session Hijacking

laravel/socialite is vulnerable to Session Hijacking. The vulnerability is due to the state guessing during OAuth authentication, which could potentially lead to session ...
