Linux Distros Unpatched Vulnerability : CVE-2020-12690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when a...

centralization risk

Lines of code Vulnerability details Impact Can lead to unlimited minting of tokens Proof of Concept If any of the provided roles / actors get malicious, then unlimited number for tokens either for mint or redeem, can lead to loss for the protocol. It should be onlyadmin based or either should be...