CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

vulnersOsv•added 2022/02/24 12:8 p.m.•0 views

django-b2 (>=0.1.4 <=0.7.0), mdid (=3.6.0) potentially affected by CVE-2022-23651 via b2sdk (>=0.1.6 <=1.0.2)

b2sdk PYPI version =0.1.6, =0.1.4, =0.7.0 - mdid =3.6.0 Source cves: CVE-2022-23651 Source advisory: OSV:GHSA-P867-FXFR-PH2W...

4.7CVSS5.8AI score0.00046EPSS

Exploits0

Veracode•added 2022/02/24 7:35 a.m.•16 views

Time-of-check-time-of-use (TOCTOU)

b2sdk is vulnerable to time-of-check-time-of-use TOCTOU. A local attacker is able to read the contents of the local database file where API keys are saved when using SqliteAccountInfo, resulting in sensitive information disclosure via race condition...

4.7CVSS2.4AI score0.00046EPSS

Exploits0References3Affected Software1

vulnersOsv•added 2022/02/23 11:15 p.m.•1 views

django-b2 (>=0.1.4 <=0.7.0), mdid (=3.6.0) potentially affected by CVE-2022-23651 via b2sdk (>=0.1.6 <=1.0.2)

b2sdk PYPI version =0.1.6, =0.1.4, =0.7.0 - mdid =3.6.0 Source cves: CVE-2022-23651 Source advisory: OSV:PYSEC-2022-33...

4.7CVSS5.8AI score0.00046EPSS

Exploits0

Rows per page