Lucene search
K

4 matches found

CNNVD
CNNVD
added 2024/10/02 12:0 a.m.3 views

Cocoon 安全漏洞

Cocoon is a simple and reliable security repository from the personal developer Alexander Fadeev. A security vulnerability exists in Cocoon versions prior to 0.4.0 that stems from the easy reuse of Nonce key pairs in encryption, which allows an attacker to generate the same ciphertext by creating...

4.5CVSS6.7AI score0.00139EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/10/15 12:0 a.m.5 views

PT-2023-32941 · Cocoon · Cocoon

Name of the Vulnerable Software and Affected Versions: cocoon versions prior to 0.4.0 Description: The issue is related to Reusing a Nonce, Key Pair in Encryption when the encrypt, wrap, and dump functions are sequentially called. An attacker can generate the same ciphertext by creating a new...

6.3CVSS7.1AI score0.00139EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2023/01/04 12:0 a.m.8 views

PT-2023-18514 · Unknown · Svg-Sanitizer

Name of the Vulnerable Software and Affected Versions: sanitize-svg versions prior to 0.4.0 Description: The sanitize-svg package uses a deny-list-pattern to sanitize SVGs and prevent cross-site scripting attacks. However, literal -tags and on-event handlers were detected in versions prior to...

7.6CVSS6AI score0.00571EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2022/09/06 12:0 a.m.3 views

PT-2022-23139 · Rizin · Rizin

Name of the Vulnerable Software and Affected Versions: Rizin versions 0.4.0 and prior Description: Rizin is a UNIX-like reverse engineering framework and command-line toolset. The issue arises from an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file coul...

7.8CVSS7.6AI score0.00361EPSS
Exploits0References9
Rows per page
Query Builder