PT-2022-28186 · Unknown · Company Account Feature

Name of the Vulnerable Software and Affected Versions: Company account feature version 4 and later Description: A critical issue allows users with the Company admin role to assign any role to any user, bypassing subtree limitations. This also affects users with the role / assign policy, typically...

barbican 授权问题漏洞

barbican is an OpenStack key management service, API server. An authorization issue vulnerability exists in barbican due to a lack of authorization checks. A remote user with the administrator role could add secrets to different project containers. The vulnerability allows an attacker on a networ...