GHSA-jh6x-7xfg-9cq2: Searching Opencast may cause a denial of service

GHSA-gjcc-jvgw-wvwj: Litestar allows unbounded resource consumption (DoS vulnerability) 

GHSA-r4pg-vg54-wxx4: cert-manager ha a potential slowdown / DoS when parsing specially crafted PEM inputs

GHSA-9c5p-35gj-jqp4: Rancher Helm Applications may have sensitive values leaked

GHSA-ffp2-8p2h-4m5j: Password Pusher rate limiter can be bypassed by forging proxy headers

Previous to @2ca5bb1c2f11537be8f94ca6867d8d69789e744a (release [0.1.2](https://github.com/zf-fr/zfr-oauth2-server-module/tree/0.1.2)), tokens weren't checked for validity/expiration.

This potentially caused a security issue if expired tokens were not deleted after the expiration time was past, allowing anyone to still use invalidated authentication credentials.

**zfr authentication adapter did not verify validity of tokens**

High severity GitHub Reviewed Published Jun 7, 2024 to the GitHub Advisory Database

Headline

GHSA-rcm4-jv5g-wccm: zfr authentication adapter did not verify validity of tokens

ghsa: Latest News