Impact Users of WireGuard Portal v2 who have OAuth (or OIDC) authentication backends enabled can be affected by an Account Takeover vulnerability if they visit a malicious website. Patches The problem ...
Continue Reading
January 08, 2025
Impact Users of WireGuard Portal v2 who have OAuth (or OIDC) authentication backends enabled can be affected by an Account Takeover vulnerability if they visit a malicious website. Patches The problem ...
Continue Reading
January 07, 2025
In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically...Read More ...
Continue Reading
January 07, 2025
Impact Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source (https://github.com/guzzle/oauth-subscriber/blob/0.8.0/src/Oauth1.php#L192). This can leave s ...
Continue Reading
January 07, 2025
Guzzle OAuth Subscriber signs Guzzle requests using OAuth 1.0. Prior to 0.8.1, Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source. This can leave serve ...
Continue Reading
January 06, 2025
Impact Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source (https://github.com/guzzle/oauth-subscriber/blob/0.8.0/src/Oauth1.php#L192). This can leave s ...
Continue Reading
January 06, 2025
Guzzle OAuth Subscriber signs Guzzle requests using OAuth 1.0. Prior to 0.8.1, Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source. This can leave serve ...
Continue Reading
January 06, 2025
Guzzle OAuth Subscriber signs Guzzle requests using OAuth 1.0. Prior to 0.8.1, Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source. This can leave serve ...
Continue Reading
January 06, 2025
Back to Main
