CVSS3 - HIGH - API Security Blog - Page 99

API security news

Category: CVSS3 - HIGH

CVE-2021-41803

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1 ...

Continue Reading

October 09, 2022

Apache Airflow may allow authenticated users who have been deactivated to continue using the UI or API

In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API.Read More ...

Continue Reading

October 07, 2022

Exploit for Injection in Forgerock Openam

# CVE-2021-29156 done right This Proof of Concept is realized b...Read More ...

Continue Reading

October 07, 2022

etcd has no minimum password length

### Vulnerability type Access Control ### Workarounds The etcdctl and etcd API do not enforce a specific password length during user creation or user password update operations. [It is the responsibil ...

Continue Reading

October 06, 2022

etcd has no minimum password length

### Vulnerability type Access Control ### Workarounds The etcdctl and etcd API do not enforce a specific password length during user creation or user password update operations. [It is the responsibil ...

Continue Reading

October 06, 2022

(RHSA-2022:6821) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves ...

Continue Reading

October 06, 2022

(RHSA-2022:6822) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves ...

Continue Reading

October 06, 2022

(RHSA-2022:6823) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves ...

Continue Reading

October 06, 2022

(RHSA-2022:6821) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves ...

Continue Reading

October 06, 2022

(RHSA-2022:6822) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves ...

Continue Reading

October 06, 2022

Load more