Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): grafana: account takeover possible when using Azure AD OAuth ( ...
Continue Reading14 декабря, 2023
Impact next-auth applications prior to version 4.24.5 that rely on the default Middleware authorization are affected. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issu ...
Continue Reading14 декабря, 2023
next-auth is vulnerable to Improper Authorization. A malicious actor could create an empty/mock user by getting hold of a NextAuth.js-issued JWT from an interrupted OAuth sign-in flow (state, PKCE or ...
Continue Reading14 декабря, 2023
...Read More ...
Continue Reading14 декабря, 2023
authentik is vulnerable to authentication bypass due to an insufficient PKCE check. The vulnerability is caused by code_verifier step during the OAUTH initialisation flow. Authentik improperly accepts ...
Continue Reading14 декабря, 2023
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
Continue Reading14 декабря, 2023
A flaw was found in Dex, an identity service that uses OpenID Connect to drive authentication for other apps. This issue may allow an attacker to make a victim navigate to a malicious website and guid ...
Continue Reading14 декабря, 2023
## The Genesis of Apigee API Security Guidelines In today's digital epoch, [APIs (Application Programming Interfaces)]( "APIs (Application Programming Interfaces)" ) have ascended to be the fundamenta ...
Continue Reading14 декабря, 2023
Back to Main