Jaeger UI 跨站脚本漏洞

Jaeger UI is the web interface for Jaeger. A security vulnerability exists in Jaeger UI versions prior to v.1.31.0. A remote attacker can exploit this vulnerability to execute arbitrary code via the KeyValuesTable component...

DEBIAN-CVE-2020-7692

PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized...