GHSA-J3XV-7FXP-GFHX OpenBao Userpass and LDAP User Lockout Bypass

Impact Attackers could bypass the automatic user lockout mechanisms in the OpenBao Userpass or LDAP auth systems. This was caused by different aliasing between pre-flight and full login request user entity alias attributions. Patches OpenBao v2.3.2 will patch this issue. Workarounds Existing user...

GitHub argo-cd 信息泄露漏洞

GitHub argo-cd is an open source application from Github. A declarative GitOps continuous delivery tool for Kubernetes. GitHub argo-cd suffers from an information disclosure vulnerability that stems from incorrect access control leading to administrator privilege escalation. All unpatched version...