Bleeping Computer

Critical Golang XML parser bugs can cause SAML authentication bypass

This week, Mattermost, in coordination with Golang has disclosed 3 critical vulnerabilities within Go language's XML parser. If exploited, these vulnerabilities, also impacting multiple Go-based SAML ...
TechRadar

Serious Java vulnerability lets hackers masquerade as anyone they please

Oracle has patched a nasty vulnerability in the Java framework, the severity of which cannot be overstated, security experts say. Tracked as CVE-2022-21449, the flaw was found in the company’s ...
Ars Technica

Major cryptography blunder in Java enables “psychic paper” forgeries

Organizations using newer versions of Oracle’s Java framework woke up on Wednesday to a disquieting advisory: A critical vulnerability can make it easy for adversaries to forge TLS certificates and ...