5 matches found

RedhatCVE
added 2026/01/07 9:32 a.m. | 6 views

CVE-2019-16303

A class generated by the Generator in JHipster before 6.3.0 and JHipster Kotlin through 1.1.0 produces code that uses an insecure source of randomness apache.commons.lang3 RandomStringUtils. This allows an attacker if able to obtain their own password reset URL to compute the value for all other...

CVSS 9.8 | AI score 7.3 | EPSS 0.03673
Exploits: 1 | References: 1
Hacker One
added 2020/12/23 6:42 p.m. | 150 views

GitHub Security Lab: Java: QL Query Detector for JHipster Generated CVE-2019-16303

This bug was reported directly to GitHub Security Lab...

CVSS 7.5 | AI score 1.3 | EPSS 0.03673
Exploits: 1
Hacker One
added 2020/12/23 6:42 p.m. | 147 views

GitHub Security Lab: 3,880 Pull Requests Generated to fix JHipster RNG Vulnerability CVE-2019-16303

This bug was reported directly to GitHub Security Lab...

CVSS 7.5 | AI score 1.1 | EPSS 0.03673
Exploits: 1
Circl
added 2020/06/23 10:17 p.m. | 5 views

CVE-2019-16303

creationtimestamp| type| source
---|---|---
2020-06-23 22:17:52+00:00| published-proof-of-concept| https://github.com/jhipster/jhipster-kotlin/security/advisories/GHSA-j3rh-8vwq-wh84
2020-12-23 20:42:25+00:00| seen| https://t.me/ctinow/26169
2020-12-23 20:42:26+00:00| seen| https://t.me/ctinow/26...

CVSS 9.8 | AI score 7.3 | EPSS 0.03673
Exploits: 1 | References: 3
CVE
added 2019/09/13 11:43 p.m. | 272 views

CVE-2019-16303

CVE-2019-16303 affects JHipster-generated apps: a class produced by the Generator (before 6.3.0) and JHipster Kotlin (through 1.1.0) uses an insecure RNG (apache.commons.lang3 RandomStringUtils) to create password reset tokens. This can enable an attacker who obtains their own password reset URL ...

CVSS 9.8 | AI score 9.6 | EPSS 0.03673
Exploits: 1 | References: 8 | Affected Software: 2