5 matches found
EUVD-2023-44776
Malicious code in bioql PyPI...
Design/Logic Flaw
Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in error message when the Dispatch Plugin - Basic Authentication Provider plugin encounters an error when attempting to decode a JWT token. Any Dispatch users...
CVE-2023-40171
CVE-2023-40171 affects the Dispatch open‑source security incident management tool. The server response includes the JWT secret used to sign tokens in errors raised by the Dispatch Plugin - Basic Authentication Provider, enabling an attacker to craft valid JWTs and potentially take over any accoun...
PT-2023-27303 · Dispatch · Dispatch Plugin - Basic Authentication Provider +1
Name of the Vulnerable Software and Affected Versions: Dispatch versions prior to 20230817 Description: Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in error message when the Dispatch Plugin - Basic...
Open-Source Host-Based Intrusion Detection System: OSSEC
OSSEC is a platform to monitor and control your systems. It mixes together all the aspects of HIDS host-based intrusion detection, log monitoring, and Security Incident Management SIM/Security Information and Event Management SIEM together in a simple, powerful, and open source solution. Key...