Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-vw7g-3cc7-7rmh: cortex establishes TLS connections with `InsecureSkipVerify` set to `true`

A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function.

ghsa
#git#ssl

cortex establishes TLS connections with `InsecureSkipVerify` set to `true`

High severity GitHub Reviewed Published Aug 1, 2024 to the GitHub Advisory Database • Updated Aug 2, 2024

ghsa: Latest News

GHSA-hxf5-99xg-86hw: cap-std doesn't fully sandbox all the Windows device filenames