Keystone is a headless CMS for Node.js â built with GraphQL and React.`@keystone-6/[email protected] || 3.0.1` users that use `NODE_ENV` to trigger security-sensitive functionality in their production b ...
Continue Reading
November 15, 2022
The kind of API security scenarios we witnessed today were never like this from the beginning of time. It has gone to extra lengths to become responsive and productive as itâs now. _How was it ...
Continue Reading
November 15, 2022
DataHub is an open-source metadata platform. Prior to version 0.8.45, the `StatelessTokenService` of the DataHub metadata service (GMS) does not verify the signature of JWT tokens. This allows an atta ...
Continue Reading
November 15, 2022
# Missing JWT signature check (`GHSL-2022-078`) The [`StatelessTokenService`](https://github.com/datahub-project/datahub/blob/aa146db611e3a4ca3aa17bb740783f789d4444d3/metadata-service/auth-impl/src/ma ...
Continue Reading
November 15, 2022
# Missing JWT signature check (`GHSL-2022-078`) The [`StatelessTokenService`](https://github.com/datahub-project/datahub/blob/aa146db611e3a4ca3aa17bb740783f789d4444d3/metadata-service/auth-impl/src/ma ...
Continue Reading
November 15, 2022
An issue was discovered in Object First 1.0.7.712. The authorization service has a flow that allows getting access to the Web UI without knowing credentials. For signing, the JWT token uses a secret k ...
Continue Reading
November 15, 2022
This release of Camel for Spring Boot 3.14.5 serves as a replacement for Camel for Spring Boot 3.14.2 and includes bug fixes and enhancements, which are documented in the Release Notes document linked ...
Continue Reading
November 15, 2022
An update that solves two vulnerabilities, contains four features and has one errata is now available. Description: This update fixes the following issues: dracut-saltboot: - Update to ver ...
Continue Reading
November 15, 2022
Back to Main
