Novu provides an API for sending notifications through multiple channels. Versions prior to 0.16.0 contain an open redirect vulnerability in the "Sign In with GitHub" functionality of Novu's open-sour ...
August 15, 2023
Functions with insufficient randomness were used to generate authorization tokens of the integrated OAuth Authorization Service. Authorization codes were predictable for third parties and could be use ...
August 15, 2023
In Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosu ...
August 15, 2023
Why SaaS Security Is a Challenge In ...
August 14, 2023
GitLab is vulnerable to Cross-Site Leak. The vulnerability exists in the OAuth flow, allowing an attacker to leak an OAuth access token by getting the victim to visit a malicious page with SafariRead ...
August 12, 2023
GitLab is vulnerable to Authorization Bypasses. This vulnerability occurs due to a flaw in the way that GitLab handles OAuth subscriptions. An attacker can exploit this vulnerability to generate OAuth ...
August 12, 2023
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. Security Fix(es): * envoy: Clie ...
August 11, 2023
Sentry is vulnerable to Authentication Bypass. The vulnerability exists due to the lack of an OIDC signing token inside the authentication mechanism which allows an attacker with sufficient client-side ...
August 11, 2023