CVE-2022-39252 Matrix client-server library and encryption library.
Prior to version 0.5, the Matrix client-server protocol did not support encrypted key material. This means that when a user receives a signed room
CVE-2021-41803 HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 don't validate node or segment names before using it in JWT claim assertions with the auto config RPC.
The above findings indicate that HashiCorp Consul versions 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 are vulnerable
CVE-2022-29217 - PyJWT Vulnerability: Unintended Signing Algorithm Acceptance
Summary: A security vulnerability (CVE-2022-29217) was discovered in the PyJWT library. It allows an attacker to exploit the unspecified signing algorithms and potentially compromise tokens.
Episode
00:00:00
00:00:00