Incorrect Authorization

Overview @clerk/clerk-js is a Clerk JS library Affected versions of this package are vulnerable to Incorrect Authorization through the createProtect and createCheckAuthorization functions. An attacker can gain access to protected pages or handlers by supplying a single auth.protect or has call th...

Incorrect Authorization

Overview @clerk/shared is an Internal package utils used by the Clerk SDKs Affected versions of this package are vulnerable to Incorrect Authorization through the createProtect and createCheckAuthorization functions. An attacker can gain access to protected pages or handlers by supplying a single...

PT-2023-35987 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: The issue is related to a heap-buffer-overflow read crash. Technical details about the crash include the function names H5C load cache image, H5C protect, and H5AC protect. Recommendations: At...

Not Just for the Government: Using the NIST Framework to Secure WordPress

When setting up a WordPress website, it is easy to focus on the look and feel of the website, while overlooking the important aspect of security. This makes sense, because the security of a website is largely invisible until something goes wrong. Installing a cybersecurity plugin like Wordfence...

PT-2021-3348 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.31.13 and earlier MediaWiki versions 1.32.x through 1.35.1 Description: An issue was discovered in MediaWiki related to the "protect" page function via the MediaWiki API. This issue allows a user to protect a page to a...