Debian: Security Advisory (DLA-301-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial-of-service possibility in logout() view by filling session store

The 1 contrib.sessions.backends.base.SessionBase.flush and 2 cachedb.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service session stor...

GHSA-X38M-486C-2WR9 Denial-of-service possibility in logout() view by filling session store

The 1 contrib.sessions.backends.base.SessionBase.flush and 2 cachedb.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service session stor...

GHSA-V2WF-C3J6-WPVW Session fixation

Impact The use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability. Workarounds Call...

rubygem-activerecord-session_store: hijack sessions by using timing attacks targeting the session id

A flaw was found in the activerecord-sessionstore Active Record Session Store component through version 1.1.3 for Ruby on Rails where it does not use a constant time approach when delivering information about whether a guessed session ID is valid. This flaw allows remote attackers to leverage...

Authentication flaw

Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a confirmationtoken input during the two-factor authentication process to reference a cache value not associated with the login attempt. In rare cases this can...

GHSA-5VFX-8W6M-H3V4 Pterodactyl Panel vulnerable to authentication bypass due to improper user-provided security token verification

A malicious user can modify the contents of a confirmationtoken input during the two-factor authentication process to reference a cache value not associated with the login attempt. In rare cases this can allow a malicious actor to authenticate as a random user in the Panel. The malicious user mus...

PT-2021-23112 · Unknown · Pterodactyl

Name of the Vulnerable Software and Affected Versions: Pterodactyl affected versions not specified Description: A malicious user can modify the contents of a confirmation token input during the two-factor authentication process to reference a cache value not associated with the login attempt. Thi...

CVE-2021-29485

Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, a malicious attacker can achieve Remote Code Execution RCE via a maliciously crafted Java deserialization gadget chain leveraged against the Ratpack session store. If one's application does not use Ratpack's session...

CVE-2021-29485

Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, a malicious attacker can achieve Remote Code Execution RCE via a maliciously crafted Java deserialization gadget chain leveraged against the Ratpack session store. If one's application does not use Ratpack's session...

CVE-2021-29485

Ratpack vulnerability CVE-2021-29485 affects versions before 1.9.0 when using Ratpack's session storage. An attacker can achieve remote code execution by crafting a Java deserialization gadget chain in the session data, provided the application writes to the session store. If an application does ...

Ratpack 代码问题漏洞

Ratpack is a Java library for building scalable HTTP applications. A security vulnerability exists in Ratpack versions prior to 1.9.0, which can be exploited by an attacker to achieve remote code execution via a maliciously crafted chain of Java deserialization gadgets targeting Ratpack session...

Timing Attack

Overview activerecord-sessionstore is an Action Dispatch session store backed by an Active Record class. Affected versions of this package are vulnerable to Timing Attack. It does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequentl...

UBUNTU-CVE-2019-25025

The activerecord-sessionstore aka Active Record Session Store component through 1.1.3 for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequently, remote attackers can leverage timing discrepancies to achieve a...

Rafael França activerecord-session_store 安全漏洞

Rafael França activerecord-sessionstore is an open source application by Rafael França. A default class is provided, but any object with a textual sessionid and data attribute duck-typed into the Active Record Session class is sufficient. A security vulnerability exists in all versions of...

CVE-2020-5205

In Pow Hex package before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability...

Session fixation

In Pow Hex package before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability...

CVE-2020-5205

CVE-2020-5205 affects Pow (Hex package) prior to 1.0.16 in Pow.Plug.Session when a persistent session store (e.g., Redis or database) is used. The vulnerability enables session fixation attacks due to how Plug.Session handles the session across persistent stores; cookie store usage (common in Pho...

The vulnerability in the implementation of the FileSessionDataStore class for the Jetty HTTP server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the FileSessionDataStore class implementation in the Jetty HTTP server is related to a configuration error in J2EE. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information by managing sessions using the...

Django Denial-of-service by filling session store

The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service session store consumption via multiple requests with unique session keys...