CVE-2022-2133 OAuth plugin before 6.22.6 doesn't validate token requests, which allows attackers to log in to the site with a user's email address.
This access token can then be used to request any type of resource on the website that the user has access to. This could be
CVE-2022-31107 Grafana is an open-source platform for monitoring and observability
as that user. This allows the malicious user to gain access to all of the Grafana data for the target user's account and
CVE-2022-31034 Argo CD v0.11.0 is vulnerable to SSO login attacks when initiated from the Argo CD CLI or UI.
A vulnerable Argo CD installation can be uncovered by an attacker by monitoring the rate of successful OAuth2/OIDC login attempts. What is important to
CVE-2022-30034 Flower, a web UI for the Celery Python RPC framework, is vulnerable to an OAuth authentication bypass.
OAuth is a widely used authentication protocol. It provides a secure way for users to grant permission for their data to be accessed by authorized
CVE-2022-22969 Older versions of Spring Security's OAuth 2.5.x are vulnerable to a DoS attack.
OAuth 2.0 Server applications are not vulnerable. OAuth 2.0 Server applications are not susceptible to this issue, as the Server does not make