CVE-2022-31034 Argo CD v0.11.0 is vulnerable to SSO login attacks when initiated from the Argo CD CLI or UI.
A vulnerable Argo CD installation can be uncovered by an attacker by monitoring the rate of successful OAuth2/OIDC login attempts. What is important to
CVE-2022-30034 Flower, a web UI for the Celery Python RPC framework, is vulnerable to an OAuth authentication bypass.
OAuth is a widely used authentication protocol. It provides a secure way for users to grant permission for their data to be accessed by authorized
CVE-2022-22969 Older versions of Spring Security's OAuth 2.5.x are vulnerable to a DoS attack.
OAuth 2.0 Server applications are not vulnerable. OAuth 2.0 Server applications are not susceptible to this issue, as the Server does not make
CVE-2022-22956: A Deep Dive into VMware Workspace ONE Access Authentication Bypass Vulnerabilities
VMware Workspace ONE Access, a leading identity and access management solution, has recently been identified to contain two critical authentication bypass vulnerabilities, CVE-2022-22955 and CVE-2022-22956.
CVE-2022-1162 A hardcoded password was set for accounts registered using an OmniAuth provider (e.g
allowing attackers to potentially take over accounts A hardcoded password was set for SSH keys in GitLab EE/CE versions prior to 14.7.7,