5 matches found
CVE-2024-29868
creationtimestamp| type| source ---|---|--- 2024-06-27 04:28:10+00:00| published-proof-of-concept| https://t.me/HackingInsights/3715...
org.apache.streampipes:streampipes-backend (>=0.69.0 <=0.90.0), org.apache.streampipes:streampipes-connect-container-master (>=0.69.0 <=0.90.0) +9 more potentially affected by CVE-2024-29868 via org.apache.streampipes:streampipes-resource-management (>=0.69.0 <=0.93.0)
org.apache.streampipes:streampipes-resource-management MAVEN version =0.69.0, =0.69.0, =0.69.0, =0.91.0, =0.70.0, =0.69.0, =0.69.0, =0.69.0, =0.69.0, =0.69.0, =0.91.0, =0.93.0 - org.apache.streampipes:streampipes-service-core-minimal =0.93.0 Source cves: CVE-2024-29868 Source advisory:...
CVE-2024-29868
Use of Cryptographically Weak Pseudo-Random Number Generator PRNG vulnerability in Apache StreamPipes user self-registration and password recovery mechanism. This allows an attacker to guess the recovery token in a reasonable time and thereby to take over the attacked user's account. This issue...
CVE-2024-29868
Use of Cryptographically Weak Pseudo-Random Number Generator PRNG vulnerability in Apache StreamPipes user self-registration and password recovery mechanism. This allows an attacker to guess the recovery token in a reasonable time and thereby to take over the attacked user's account. This issue...
CVE-2024-29868 Apache StreamPipes, Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation
Use of Cryptographically Weak Pseudo-Random Number Generator PRNG vulnerability in Apache StreamPipes user self-registration and password recovery mechanism. This allows an attacker to guess the recovery token in a reasonable time and thereby to take over the attacked user's account. This issue...