25 matches found
CVE-2023-38251 Adobe Commerce | Uncontrolled Resource Consumption (CWE-400)
Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by a Uncontrolled Resource Consumption vulnerability that could lead in minor application denial-of-service. Exploitation of this issue does not require user interacti...
Information Disclosure
gitlab is vulnerable to Information Disclosure. The vulnerability occurs because marshalled session keys were being stored in redis, resulting in Cleartext Storage of Sensitive Information...
Unspecified Vulnerability in GitLab (CNVD-2021-26101)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions after...
aio-libs aiohttp-session session fixation vulnerability
aio-libs aiohttp-session is an application that supports storing user-specific data into session objects. A session fixation vulnerability exists in the 'RedisStorage' function of RedisStorage in aio-libs aiohttp-session. An attacker can exploit this vulnerability to hijack a session with the hel...
PYSEC-2018-80
aio-libs aiohttp-session contains a Session Fixation vulnerability in loadsession function for RedisStorage see: https://github.com/aio-libs/aiohttp-session/blob/master/aiohttpsession/redisstorage.pyL42 that can result in Session Hijacking. This attack appear to be exploitable via Any method that...