A vulnerability was found in 3Scale, when used with Keycloak 15 (or RHSSO 7.5.0) and superiors. When the auth_type is use_3scale_o

It was found that 3scale's APIdocs does not validate the access token, in the case of invalid token, it uses session auth instead.

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and discon

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass

A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an attacker to v

A vulnerability was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker cou

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while i

A vulnerability was found in 3scale before version 2.6, did not set the HTTPOnly attribute on the user session cookie. An attacker