Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom ur ...
Continue Reading14 декабря, 2023
Interesting article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security firm Gi ...
Continue Reading14 декабря, 2023
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
Continue Reading14 декабря, 2023
Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom ur ...
Continue Reading14 декабря, 2023
Impact next-auth applications prior to version 4.24.5 that rely on the default Middleware authorization are affected. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issu ...
Continue Reading14 декабря, 2023
Hi, Spring fans! This week, my first as an employee of Broadcom, I am joined by Spring Security community legend Laura Spilca and we talk about all things security, OAuth, and...Read More ...
Continue Reading14 декабря, 2023
[9.2.10-7] - resolve RHEL-12649 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch [9.2.1 ...
Continue Reading14 декабря, 2023
An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistenc ...
Continue Reading14 декабря, 2023
Back to Main