资讯

Bleeping Computer2 年

Auth0 fixes RCE flaw in JsonWebToken library used by 22,000 projects

Update 1/31/23: Auth0 has withdrawn their security advisory on the JsonWebToken poisoning attack disclosed by Palo Alto Networks earlier this month. "After review and validation of community feedback ...
Bleeping Computer4月

Cisco fixes max severity IOS XE flaw letting attackers hijack devices

Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices. This ...