3 matches found
Laravel Reverb 数据伪造问题漏洞
Laravel Reverb is an open source library for The Laravel Framework. It brings real-time WebSocket communication to Laravel applications. A data forgery issue vulnerability exists in Laravel Reverb versions prior to 1.4.0, which stems from a failure to validate the authentication signature of...
RHEL 6 : spacewalk-backend (RHSA-2019:1661)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1661 advisory. Spacewalk is an Open Source systems management solution that provides system provisioning, configuration and patching capabilities. Security Fixes:...
spacewalk: Insecure computation of authentication signatures during user authentication
It was found that Spacewalk did not safely compute client token checksums. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the checksum...