We highly recommend Alessandro Albani's article on a vulnerability we successfully resolved in our latest release, version 0.95.0. While it's never easy to be highlighted as a negative example, we're grateful for the opportunity this has provided to strengthen StreamPipes, making it more robust and secure. In the end, this experience underscores one of the greatest strengths of open source: fostering collaboration among diverse experts, leading to improvements that wouldn't be possible otherwise. Thank you very much for the great collaboration, Alessandro! #OpenSource #CyberSecurity #Collaboration #SoftwareDevelopment #StreamPipes #ASFWay
🚨 Avviso Critico di Sicurezza per gli Utenti di Apache StreamPipes! Lo sapevi che un algoritmo debole per la generazione dei token utilizzati per il recupero delle password potrebbe consentire agli attaccanti di impossessarsi facilmente degli account di altri utenti? Per fortuna è possibile: 🔍 Rilevare questa vulnerabilità 🛠️ Sfruttarla a scopo di test 🛡️ Proteggere i tuoi sistemi Come? Te lo spieghiamo sul nuovo articolo scritto da Alessandro Albani sul nostro blog, YLabs, in cui sveliamo i dettagli di CVE-2024-29868: https://lnkd.in/dTJUXefn --------------------------------- 🚨 Critical Security Warning for Apache StreamPipes Users! Did you know that a weak algorithm used to generate tokens for password recovery could allow attackers to easily take over other users' accounts? Thankfully, it is possible to: 🔍 Detect this vulnerability 🛠️ Exploit it for testing purposes 🛡️ Protect your systems How? We explain in the new article written by Alessandro Albani on our blog, YLabs, in which we reveal the details of CVE-2024-2986