-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (9b2890eeaa5287766519e1ce14b6a3fd89f1fadad21d3f241d800da1af01561d) The OpenSSF Package Analysis project identified & ...
Continue Reading
January 06, 2024
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 allowed an ...
Continue Reading
January 05, 2024
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect ...
Continue Reading
January 05, 2024
Summary: Information-stealing malware is actively exploiting an undisclosed Google OAuth endpoint called MultiLogin. This technique was initially disclosed by a threat actor named PRISMA on their Tele ...
Continue Reading
January 05, 2024
omniauth-microsoft_graph is vulnerable to Improper Authentication. The vulnerability is due to missing validation of the email attribute received from Microsoft's OAuth service. This allows an at ...
Continue Reading
January 04, 2024
omniauth-microsoft_graph is vulnerable to Improper Authentication. The vulnerability is due to missing validation of the email attribute received from Microsoft's OAuth service. This allows an at ...
Continue Reading
January 04, 2024
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: An issue has been discovered in GitLab CE/EE affecting all versions before 15.5.7, all versions starting ...
Continue Reading
January 03, 2024
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, ...
Continue Reading
January 03, 2024
Back to Main
