11 matches found
EUVD-2023-0338
Malicious code in bioql PyPI...
CVE-2024-3460
In KioWare for Windows versions all through 8.34 it is possible to exit this software and use other already opened applications utilizing a short time window before the forced automatic logout occurs. Then, by using some built-in function of these applications, one may launch any other programs. ...
GHSA-59QG-93JG-236F Shopware has Insufficient Session Expiration in Administration
Impact The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. Patches We added an automatic logout into the Administration, so the user will be logged out when they are inactive. References...
CVE-2023-22732
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administratio...
Design/Logic Flaw
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administratio...
CVE-2023-22732 Insufficient Session Expiration in Administration in shopware
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administratio...
CVE-2023-22732
Shopware administration session expiration was set to one week, enabling reuse of a stolen session cookie. The issue is documented across multiple sources (CVE-2023-22732) and is mitigated by updating to version 6.4.18.1, which adds automatic logout after inactivity. The vulnerability affects the...
CVE-2023-22732 Insufficient Session Expiration in Administration in shopware
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administratio...
CVE-2023-22732 Insufficient Session Expiration in Administration in shopware
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administratio...
PT-2023-18674 · Shopware · Shopware
Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 6.4.18.1 Description: The Administration session expiration was set to one week, allowing an attacker who has stolen the session cookie to use it for a long period. An automatic logout into the Administration sessio...
gnome-settings-daemon bug fix and enhancement update
An update is available for gnome-settings-daemon. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gnome-settings-daemon packages contain a daemon to share...