[9.2.10-7] - resolve RHEL-12649 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch [9.2.1 ...
Continue Reading
December 14, 2023
Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate ...
Continue Reading
December 14, 2023
Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom ur ...
Continue Reading
December 14, 2023
Interesting article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security firm Gi ...
Continue Reading
December 14, 2023
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
Continue Reading
December 14, 2023
Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom ur ...
Continue Reading
December 14, 2023
Impact next-auth applications prior to version 4.24.5 that rely on the default Middleware authorization are affected. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issu ...
Continue Reading
December 14, 2023
Hi, Spring fans! This week, my first as an employee of Broadcom, I am joined by Spring Security community legend Laura Spilca and we talk about all things security, OAuth, and...Read More ...
Continue Reading
December 14, 2023
Back to Main
