Lucene search
GitHub Advisory DatabaseGHSA-39VM-P9MR-4R27HistoryMay 17, 2022 - 5:22 a.m.
Beaker Sensitive Information Disclosure vulnerability
2022-05-1705:22:19
GitHub Advisory Database
github.com
2
Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.
References
www.debian.org/security/2012/dsa-2541
www.openwall.com/lists/oss-security/2012/08/13/10
bugzilla.redhat.com/show_bug.cgi?id=809267
github.com/advisories/GHSA-39vm-p9mr-4r27
github.com/bbangert/beaker/commit/91becae76101cf87ce8cbfabe3af2622fc328fe5
nvd.nist.gov/vuln/detail/CVE-2012-3458
web.archive.org/web/20140724164516/secunia.com/advisories/50226
web.archive.org/web/20140725025612/secunia.com/advisories/50520
Related
nessus
nessus
EulerOS 2.0 SP3 : python-beaker (EulerOS-SA-2021-2608)
2021-10-25 00:00:00
Debian DSA-2541-1 : beaker - information disclosure
2012-09-10 00:00:00
cve
cve
CVE-2012-3458
2012-09-15 17:55:00
openvas
openvas
Huawei EulerOS: Security Advisory for python-beaker (EulerOS-SA-2021-2608)
2021-10-26 00:00:00
Debian Security Advisory DSA 2541-1 (beaker)
2012-09-15 00:00:00
Debian: Security Advisory (DSA-2541-1)
2012-09-15 00:00:00
cvelist
cvelist
CVE-2012-3458
2012-09-15 17:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2541-1] beaker security update
2012-10-29 00:00:00
Beaker information leakage
2012-10-29 00:00:00
prion
prion
Code injection
2012-09-15 17:55:00
debian
debian
[SECURITY] [DSA 2541-1] beaker security update
2012-09-07 18:46:58
osv
osv
PYSEC-2012-1
2012-09-15 17:55:00
debiancve
debiancve
CVE-2012-3458
2012-09-15 17:55:00
ubuntucve
ubuntucve
CVE-2012-3458
2012-09-15 00:00:00