4 matches found
CVE-2026-29044 EVerest: Charging Continues When WithdrawAuthorization Is Processed Before TransactionStarted
EVerest is an EV charging software stack. Prior to version 2026.02.0, when WithdrawAuthorization is processed before the TransactionStarted event, AuthHandler determines transactionactive=false and only calls withdrawauthorizationcallback. This path ultimately calls Charger::deauthorize, but no...
MiracleLinux 8 : python27:2.7 (AXSA:2022-3551:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3551:01 advisory. python: urllib: Regular expression DoS in AbstractBasicAuthHandler CVE-2021-3733 python: ftplib should not use the host from the PASV response...
GHSA-H3RW-77W7-92GF Samly access control vulnerability
In the Samly package before 1.4.0 for Elixir, Samly.State.Store.getassertion/3 can return an expired session, which interferes with access control because Samly.AuthHandler uses a cached session and does not replace it, even after expiry...
PT-2024-21111 · Samly · Samly
Name of the Vulnerable Software and Affected Versions: Samly package versions prior to 1.4.0 for Elixir Description: The issue arises from the Samly.State.Store.get assertion/3 function, which can return an expired session. This interferes with access control because Samly.AuthHandler uses a cach...