Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2020/06/10 7:23 p.m.3 views

cxf: OpenId Connect token service does not properly validate the clientId

Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore JKS/PKCS12 by specifing the...

7.5CVSS7.3AI score0.0606EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.4 views

cxf: OpenId Connect token service does not properly validate the clientId

Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore JKS/PKCS12 by specifing the...

7.5CVSS7.3AI score0.0606EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/11 8:17 p.m.2 views

cxf: OpenId Connect token service does not properly validate the clientId

Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore JKS/PKCS12 by specifing the...

7.5CVSS7.3AI score0.0606EPSS
Exploits0References4
CERT
CERT
added 2002/02/27 12:0 a.m.16 views

Oracle 9iAS allows access to CGI script source code within CGI-BIN directory

Overview Oracle 9i Application Server 9iAS allows remote anonymous users to view source code in CGI scripts stored in the Apache cgi-bin. Attackers may analyze these scripts to discover usernames, passwords, or other proprietary data or methods. Description The default Apache configuration file i...

6.5AI score
Exploits0References2
Rows per page
Query Builder