Explore >> Select a destination

You are here

 osv.dev
OSV - Open Source Vulnerabilities
| | raphaelhertzog.com
Funding Debian development projects with Freexian, first project received!
76.9 parsecs away

Travel
| |
| | www.jenkins.io
Spring Framework RCE, CVE-2022-22965
38.5 parsecs away

Travel
| | The Jenkins project's response to a critical security vulnerability in the "Spring" framework.
| | blog.phylum.io
The xz/liblzma Compromise and Software Supply Chain Security
47.6 parsecs away

Travel
| | At the end of March 2024, a major software supply chain attack was identified: some upstream forks of the popular xz/liblzma library that underpins the massively popular OpenSSH Server was compromised. A rogue contributor appears to have worked to influence the maintainers of the library, adding in seemingly innocuous
| | jhannes.github.io
OpenID Connect 1: Microsoft Azure Active Directory | Thinking Inside a Bigger Box
79.0 parsecs away

Travel
| The advantage of OpenID Connect is the fact that it's standardized and widely adopted. This means that a library or tool designed to work with, e.g. Google accounts, can easily be adopted to work with e.g. Microsoft's Active Directory or the Norwegian national ID provider ID-porten. Different Identity providers can support different levels of trust between you and your users. The protocol is perceived with an air of mystery by many developers, but it's surprisingly simple to master.