32 matches found
Red Hat OpenShift 安全特征问题漏洞
Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that supports building, testing, deploying, and running applications. A security vulnerability exists in Red Hat OpenShift that stems from the OAuth2 protocol being vulnerable to cross-site request forge...
PT-2023-23722 · Umbraco · Umbracoidentityextensions
Name of the Vulnerable Software and Affected Versions: UmbracoIdentityExtensions versions affected versions not specified Description: The issue concerns the UmbracoIdentityExtensions package, which is an Umbraco add-on for ASP.Net Identity integration. In affected versions, client secrets are no...
GHSA-GGJR-2F7V-VHQ4 Kiali Authentication Bypass vulnerability
An authentication bypass vulnerability was found in Kiali in versions before 1.31.0 when the authentication strategy OpenID is used. When RBAC is enabled, Kiali assumes that some of the token validation is handled by the underlying cluster. When OpenID implicit flow is used with RBAC turned off,...
Kiali Authentication Bypass vulnerability
An authentication bypass vulnerability was found in Kiali in versions before 1.31.0 when the authentication strategy OpenID is used. When RBAC is enabled, Kiali assumes that some of the token validation is handled by the underlying cluster. When OpenID implicit flow is used with RBAC turned off,...
CVE-2021-20278
An authentication bypass vulnerability was found in Kiali in versions before 1.31.0 when the authentication strategy OpenID is used. When RBAC is enabled, Kiali assumes that some of the token validation is handled by the underlying cluster. When OpenID implicit flow is used with RBAC turned off,...
CVE-2021-20278
An authentication bypass vulnerability was found in Kiali in versions before 1.31.0 when the authentication strategy OpenID is used. When RBAC is enabled, Kiali assumes that some of the token validation is handled by the underlying cluster. When OpenID implicit flow is used with RBAC turned off,...
Authentication flaw
An authentication bypass vulnerability was found in Kiali in versions before 1.31.0 when the authentication strategy OpenID is used. When RBAC is enabled, Kiali assumes that some of the token validation is handled by the underlying cluster. When OpenID implicit flow is used with RBAC turned off,...
CVE-2021-20278
Kiali has an authentication bypass vulnerability affecting versions before 1.31.0 when using OpenID with implicit flow and RBAC turned off. The issue arises because token validation is expected to be handled by the underlying cluster only when RBAC is enabled; with RBAC disabled and OpenID implic...
CVE-2021-20278
An authentication bypass vulnerability was found in Kiali in versions before 1.31.0 when the authentication strategy OpenID is used. When RBAC is enabled, Kiali assumes that some of the token validation is handled by the underlying cluster. When OpenID implicit flow is used with RBAC turned off,...
PT-2021-13870 · Kiali · Kiali
Name of the Vulnerable Software and Affected Versions: Kiali versions prior to 1.31.0 Description: An authentication bypass issue was found when the authentication strategy OpenID is used. The problem arises when Kiali assumes some token validation is handled by the underlying cluster with RBAC...
CVE-2021-20278
An authentication bypass vulnerability was found in Kiali when the authentication strategy OpenID is used. When RBAC is enabled, Kiali assumes that some of the token validation is handled by the underlying cluster. When OpenID implicit flow is used with RBAC turned off, this token validation...
Automated posting on Vkontakte public pages using VK API and Python
Vk.com Vkontakte is the most popular social network Russia and Ex-USSR with 430+ million users. Originally it was a Facebook clone. But now, after 10 years of development, these two services are quite different from each other. Traditional advantages of vk.com - huge amount of free music and vide...