
12 matches found

RedHat Linux
added 2024/06/04 11:7 a.m., 5 views

EAP: OIDC app attempting to access the second tenant, the user should be prompted to log

A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in...

CVSS 7.3, AI score 5.7, EPSS 0.00061
Exploits: 0, References: 4

RedHat Linux
added 2024/06/04 11:4 a.m., 4 views

EAP: OIDC app attempting to access the second tenant, the user should be prompted to log

A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in...

CVSS 7.3, AI score 5.7, EPSS 0.00061
Exploits: 0, References: 4

RedHat Linux
added 2024/06/04 10:58 a.m., 2 views

EAP: OIDC app attempting to access the second tenant, the user should be prompted to log

A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in...

CVSS 7.3, AI score 5.7, EPSS 0.00061
Exploits: 0, References: 4

OSV
added 2024/04/10 3:30 p.m., 26 views

GHSA-JPMX-996V-48FM WildFly Elytron: OIDC app attempting to access the second tenant, the user should be prompted to log

A flaw was found in JBoss EAP. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in OidcSessionTokenStore when determining if...

CVSS 7.3, AI score 6.9, EPSS 0.00061
Exploits: 0, References: 8

Github Security Blog
added 2024/04/10 3:30 p.m., 30 views

WildFly Elytron: OIDC app attempting to access the second tenant, the user should be prompted to log

A flaw was found in JBoss EAP. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in OidcSessionTokenStore when determining if...

CVSS 7.3, AI score 6.6, EPSS 0.00061
Exploits: 0, References: 8, Affected Software: 1

NVD
added 2024/04/10 1:15 a.m., 18 views

CVE-2023-6236

A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in...

CVSS 7.3, AI score 7, EPSS 0.00061
Exploits: 0, References: 5

Vulnrichment
added 2024/04/10 1:4 a.m., 18 views

CVE-2023-6236 Eap: oidc app attempting to access the second tenant, the user should be prompted to log

A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in...

CVSS 7.3, AI score 6.9, EPSS 0.00061
Exploits: 0, References: 5

CVE
added 2024/04/10 1:4 a.m., 104 views

CVE-2023-6236

CVE-2023-6236 affects Red Hat JBoss Enterprise Application Platform 8 (OIDC multi-tenant scenario). The root cause is in OidcSessionTokenStore: when deciding whether to reuse a cached token, it must also consider the new provider-url option in addition to realm; without this, an app serving multi...

CVSS 7.3, AI score 6.9, EPSS 0.00061
Exploits: 0, References: 5

Veracode
added 2022/10/27 6:36 a.m., 19 views

Remote Code Execution (RCE)

Apache Flume is vulnerable to remote code execution. The vulnerability exists due to improper validation of the JMS source and provider URL: an attacker can use a JMS source with an unsafe provider URL, causing arbitrary code execution...

CVSS 9.8, AI score 9.5, EPSS 0.06404
Exploits: 0, References: 6, Affected Software: 1

Vulnrichment
added 2022/10/26 12:0 a.m., 6 views

CVE-2022-42468 Apache Flume prior to 1.11.0 has an Improper Input Validation (JNDI Injection) in JMSSource

Apache Flume versions 1.4.0 through 1.10.1 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with an unsafe providerURL. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol...

AI score 9.6, EPSS 0.06404
Exploits: 0, References: 3

CNNVD
added 2022/10/26 12:0 a.m., 2 views

Apache Flume injection vulnerability

Apache Flume is a distributed, reliable and available service from the Apache Foundation in the United States. It is used to efficiently collect, aggregate and move large amounts of log data. An injection vulnerability exists in Apache Flume versions 1.4.0 through 1.10.1, which stems from...

CVSS 9.8, AI score 9.1, EPSS 0.06404
Exploits: 0, References: 4

Prion
added 2018/12/10 9:29 a.m., 12 views

Default credentials

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field...

CVSS 3.5, AI score 4.7, EPSS 0.00455
Exploits: 6, References: 2, Affected Software: 1