Jenkins Assembla Auth Plugin 1.14 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability a ...
July 13, 2023
Jenkins Assembla Auth Plugin 1.14 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability a ...
July 12, 2023
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * grafana: account takeover possible when using Azure AD OAuth (CVE ...
July 12, 2023
It was discovered that there was an issue in ruby-doorkeeper, an OAuth2 provider for Ruby on Rails applications. Doorkeeper automatically processed authorization requests without user consent for publ ...
July 12, 2023
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 22.10 / 23.04 host has a package installed that is affected by a vulnerability as referenced in the USN-6210-1 advisory. - Doorkeepe ...
July 11, 2023
## Releases
* Ubuntu 23.04
* Ubuntu 22.10
* Ubuntu 22.04 LTS
* Ubuntu 20.04 LTS
* Ubuntu 18.04 ESM
* Ubuntu 16.04 ESM

## Packages
* ruby-doorkeeper - OAuth 2 provider for Rails and Grape ...

July 08, 2023
This module provides integration with Mailchimp, a popular email delivery service. A route related to OAuth authentication is not protected against a Cross Site Request Forgery attack.
July 07, 2023