CVE-2022-31034 Argo CD v0.11.0 is vulnerable to SSO login attacks when initiated from the Argo CD CLI or UI.
A vulnerable Argo CD installation can be uncovered by an attacker by monitoring the rate of successful OAuth2/OIDC login attempts. What is important to
CVE-2022-31043 - How Guzzle’s `Authorization` Leak Can Hurt Your PHP Apps (Details & Prevention)
Guzzle is a popular open-source HTTP client library for PHP. This handy tool lets developers send HTTP requests effortlessly, making it an everyday dependency in
CVE-2022-30034 Flower, a web UI for the Celery Python RPC framework, is vulnerable to an OAuth authentication bypass.
OAuth is a widely used authentication protocol. It provides a secure way for users to grant permission for their data to be accessed by authorized
CVE-2022-22969 Older versions of Spring Security's OAuth 2.5.x are vulnerable to a DoS attack.
OAuth 2.0 Server applications are not vulnerable. OAuth 2.0 Server applications are not susceptible to this issue, as the Server does not make
CVE-2022-22956 - Deep Dive Into VMware Workspace ONE Access OAuth2 Authentication Bypass Exploit
If you work with VMware Workspace ONE Access (formerly VMware Identity Manager), you've probably heard whispers about critical vulnerabilities that surfaced in 2022—