CVE-2020-13254

A flaw was found in Django, where the memcached backend does not perform key validation and passes malformed keys. This flaw causes a key collision and potential data leakage. The highest threat from this vulnerability is to confidentiality...

DEBIAN-CVE-2020-13254

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...

CVE-2020-13254

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...

Input validation

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...

PYSEC-2020-31

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...

CVE-2020-13254

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...

CVE-2020-13254

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...

CVE-2020-13254

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...

UBUNTU-CVE-2020-13254

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...

Django -- multiple vulnerabilities

Django security release reports: CVE-2020-13254: Potential data leakage via malformed memcached keys In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage. In order to avoid this vulnerability,...

PT-2020-15399 · Jenkins · Jenkins Amazon Ec2 Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Amazon EC2 Plugin versions 1.50.1 and earlier Description: The issue concerns a lack of SSH host key validation when connecting agents, which could enable man-in-the-middle attacks to intercept connections to build agents. This could...

CloudBees Jenkins Mac Plugin Data Falsification Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . Mac Plugin is used in one of...

The vulnerability of the managed-keys function in the DNS BIND server allows a attacker to cause a service failure.

The vulnerability of the managed-keys function in the DNS BIND server is related to a key validation error, especially when an unsupported algorithm is used. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

CVE-2011-3374

It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack...

CVE-2019-14995

The /rest/api/1.0/render resource in Jira before version 8.4.0 allows remote anonymous attackers to determine if an attachment with a specific name exists and if an issue key is valid via a missing permissions check...

GHSA-J59F-6M4Q-62H6 Improper Key Verification in ipns

Versions 0.1.1 or 0.1.2 of ipns are vulnerable to improper key validation. This is due to the public key verification was not being performed properly, resulting in any key being valid. Recommendation Update to version 0.1.3 or later...

CVE-2019-10014

In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticated users to reset the passwords of arbitrary users via a modified id parameter, because the key parameter is not properly validated...

bouncycastle: Other party DH public keys are not fully validated

In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...

bouncycastle: Other party DH public keys are not fully validated

In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...

CVE-2016-1000346

In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...