7 matches found
GHSA-FPW6-HRG5-Q5X5 ech0's acess tokens with expiry=never cannot be revoked: logout panics, delete does not blacklist JTI
Summary Access tokens created with the "never expire" option have no exp JWT claim. Three independent revocation mechanisms fail for this token type. Logout at internal/handler/auth/auth.go:154 and :163 dereferences claims.ExpiresAt.Time, panicking on the nil field so the token never hits the...
ech0's acess tokens with expiry=never cannot be revoked: logout panics, delete does not blacklist JTI
Summary Access tokens created with the "never expire" option have no exp JWT claim. Three independent revocation mechanisms fail for this token type. Logout at internal/handler/auth/auth.go:154 and :163 dereferences claims.ExpiresAt.Time, panicking on the nil field so the token never hits the...
EUVD-2009-5086
Malware in sbrugna...
webkitgtk: content security policy blacklist failure
A vulnerability was found in webkit. A logic issue was addressed with improved validation...
webkitgtk: content security policy blacklist failure
A vulnerability was found in webkit. A logic issue was addressed with improved validation...
Important: Red Hat Security Advisory: webkit2gtk3 security, bug fix, and enhancement update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
webkitgtk: content security policy blacklist failure
A vulnerability was found in webkit. A logic issue was addressed with improved validation...