Evolution of API Security â A Practical Guide to Addressing API Threats in 2023
The kind of API security scenarios we witnessed today were never like this from the beginning of time. It has gone to extra lengths to become responsive and productive as itâs now. _How was it ...
Continue Reading
November 15, 2022
CVE-2022-39366
DataHub is an open-source metadata platform. Prior to version 0.8.45, the `StatelessTokenService` of the DataHub metadata service (GMS) does not verify the signature of JWT tokens. This allows an atta ...
Continue Reading
November 15, 2022
acryl-datahub missing JWT signature check
# Missing JWT signature check (`GHSL-2022-078`) The [`StatelessTokenService`](https://github.com/datahub-project/datahub/blob/aa146db611e3a4ca3aa17bb740783f789d4444d3/metadata-service/auth-impl/src/ma ...
Continue Reading
November 15, 2022
acryl-datahub missing JWT signature check
# Missing JWT signature check (`GHSL-2022-078`) The [`StatelessTokenService`](https://github.com/datahub-project/datahub/blob/aa146db611e3a4ca3aa17bb740783f789d4444d3/metadata-service/auth-impl/src/ma ...
Continue Reading
November 15, 2022
CVE-2022-44796
An issue was discovered in Object First 1.0.7.712. The authorization service has a flow that allows getting access to the Web UI without knowing credentials. For signing, the JWT token uses a secret k ...
Continue Reading
November 15, 2022
Evolution of API Security â A Practical Guide to Addressing API Threats in 2023
The kind of API security scenarios we witnessed today were never like this from the beginning of time. It has gone to extra lengths to become responsive and productive as itâs now. _How was it ...
Continue Reading
November 15, 2022
Moderate: php:7.4 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php (7.4.30), php-pear (1.10.13). (BZ#20554 ...
Continue Reading
November 15, 2022
PHP vulnerabilities
It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-31628) It was discovered that PHP incorrectly handl ...
Continue Reading
November 15, 2022
Moderate: php:8.0 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php (8.0.20). (BZ#2100876) Security Fix(es) ...
Continue Reading
November 15, 2022
[SECURITY] [DSA 5277-1] php7.4 security update
- ------------------------------------------------------------------------- Debian Security Advisory DSA-5277-1 [email protected] https://www.debian.org/security/ ...
Continue Reading
November 15, 2022
