Insufficient Entropy

laravel/socialite is vulnerable to Insufficient Entropy. The vulnerability is due to an insecure state generation mechanism, potentially exposing the OAuth authentication process to security...Read Mo ...

Continue Reading
friendsofsymfony/oauth2-php open redirection in oauth

An open redirection vulnerability has been identified in the friendsofsymfony/oauth2-php library, which could potentially expose users to unauthorized redirects during the OAuth authentication process ...

Continue Reading
State Guessing Vulnerability in laravel/socialite

laravel/socialite versions prior to 2.0.10 are susceptible to a security vulnerability related to state guessing during OAuth authentication. This vulnerability could potentially lead to session hijac ...

Continue Reading
Insecure State Generation in laravel/socialite

laravel/socialite versions prior to 2.0.9 are found to have an insecure state generation mechanism, potentially exposing the OAuth authentication process to security risks. The issue has been addresse ...

Continue Reading
friendsofsymfony/oauth2-php open redirection in oauth

An open redirection vulnerability has been identified in the friendsofsymfony/oauth2-php library, which could potentially expose users to unauthorized redirects during the OAuth authentication process ...

Continue Reading
State Guessing Vulnerability in laravel/socialite

laravel/socialite versions prior to 2.0.10 are susceptible to a security vulnerability related to state guessing during OAuth authentication. This vulnerability could potentially lead to session hijac ...

Continue Reading
Insecure State Generation in laravel/socialite

laravel/socialite versions prior to 2.0.9 are found to have an insecure state generation mechanism, potentially exposing the OAuth authentication process to security risks. The issue has been addresse ...

Continue Reading
Grafana Forward OAuth Identity Token can allow users to access some data sources

When a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward the OAuth Identity of the most rece ...

Continue Reading

Back to Main

Subscribe for the latest news: