6 matches found
EUVD-2025-17468
Malicious code in bioql PyPI...
CVE-2025-49006
Wasp Web Application Specification is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation affecting only Keycloak with a specific config. Wasp currently lowercases OAuth user IDs before...
CVE-2025-49006
Wasp Web Application Specification is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation affecting only Keycloak with a specific config. Wasp currently lowercases OAuth user IDs before...
CVE-2025-49006
CVE-2025-49006 concerns Wasp (Web Application Specification), a Rails-like framework used with React/Node/Prisma. Prior to 0.16.6, the OAuth implementation lowercases OAuth user IDs before storing/fetching, which can violate OAuth/OpenID Connect specs and lead to user impersonation, account colli...
CVE-2025-49006 Wasp has case insensitive OAuth ID vulnerability
Wasp Web Application Specification is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation affecting only Keycloak with a specific config. Wasp currently lowercases OAuth user IDs before...
CVE-2025-49006 Wasp has case insensitive OAuth ID vulnerability
Wasp Web Application Specification is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation affecting only Keycloak with a specific config. Wasp currently lowercases OAuth user IDs before...