2 matches found
Eclipse Dataspace Components vulnerable to OAuth2 client secret disclosure
In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, in the EDC Connector component, an attacker might obtain OAuth2 client secrets from the vault. In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, we have identified a security vulnerability in the EDC Connector component...
CVE-2024-4536
In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, in the EDC Connector component https://github.com/eclipse-edc/Connector , an attacker might obtain OAuth2 client secrets from the vault. In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, we have identified a security...