2 matches found
GHSA-F28G-86HC-823Q Tokenizer vulnerable to client brute-force of token secrets
Impact Authorized clients, having an injectprocessor secret, could brute-force the secret token value by abusing the fmt parameter to the Proxy-Tokenizer header. Patches This was fixed in https://github.com/superfly/tokenizer/pull/8 and further mitigated in...
Tokenizer vulnerable to client brute-force of token secrets
Impact Authorized clients, having an injectprocessor secret, could brute-force the secret token value by abusing the fmt parameter to the Proxy-Tokenizer header. Patches This was fixed in https://github.com/superfly/tokenizer/pull/8 and further mitigated in...