2 matches found
CVE-2026-46513
Summary: Frogman prior to version 1.6.2 stored API tokens in plaintext as raw hex strings in the oc_api_tokens table and validated the X-Frogman-Token header by directly comparing it to the stored value, enabling database read access to reusable tokens at their permission level (including admin)....
OPENSUSE-SU-2025:0152-1 Security update for kanidm
This update for kanidm fixes the following issues: - Update to version 1.6.2git0.a20663ea8: Release 1.6.2 fix: clippy maint: typo in log message Set kid manually to prevent divergence Order keys in application JWKS / Fix rotation bug Fix toml issues with strings - Update to version...