2 matches found
Passport-Oauth2 安全漏洞
Passport-Oauth2 is an authentication policy. A security vulnerability exists in Passport-Oauth2 versions prior to 1.6.1, which stems from the fact that the passport-oauth2 package prior to Node.js 1.6.1 incorrectly handles an error condition that fails to obtain an access token. This is exploitab...
EAP: field-name is not parsed in accordance to RFC7230
A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400...