6 matches found
Intent-Aware Authorization for Zero Trust CI/CD
This paper introduces intent-aware authorization for Zero Trust CI/CD systems. Identity establishes who is making the request, but additional signals are required to decide whether access should be granted. We describe a control loop architecture where policy engines such as OPA and Cedar evaluat...
This Week in Spring - July 29th, 2024
Hi Spring fans! Welcome to another installment of This Week in Spring! It's July 29th, 2024! I can hardly believe it! We're less than a month away from SpringOne 2024! Have you registered for either in-person attendance or the free livestreams yet? As always, we've got a ton of stuff to cover so...
Wrong validation when setting BadCollateralRatio
Lines of code Vulnerability details Impact Setting of BadCollateralRatio has a slight bug //@audit-issue bug here, should be - 1e19 function setBadCollateralRatioaddress pool, uint256 newRatio external onlyRoleDAO requirenewRatio = 130 1e18 && newRatio = 160 1e18, "eUSD vault safe...
Dream CMS suffers from SQL injection vulnerability (CNVD-2021-51284)
Dream CMS lmxcms is developed using php language and mysql database, and adopts the mainstream MVC design model. Dream CMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
Apache Struts 2 remote command execution vulnerability(S2-048)
Vulnerability overview Struts is a Apache Software Foundation ASF sponsored an open source project. By using JavaServlet/JSP technology, is implemented based on the Java EEWeb application of the MVC design pattern application framework, MVC is a classic design pattern in a classic product. But in...
Finecms1. 7 3 The code of audit summary of the defect packaged and fixed-vulnerability warning-the black bar safety net
FineCMS is a paragraph based on PHP+MySql development of content management system, using the MVC design pattern to implement business logic with the presentation layer of the appropriate separation, so that web designers can easily design the ideal template, plug-in development features...