2 matches found
d-pac.cms (=0.5.7), keystone-db-shortcuts (>=0.0.9 <=0.1.15) +12 more potentially affected by CVE-2015-9240 via keystone (>=0.2.26 <=0.2.42)
keystone NPM version =0.2.26, =0.0.9, =0.0.1, =1.0.2, =0.0.0, =0.0.8, =0.0.8, =0.0.3, =0.0.4, =0.0.30 Source cves: CVE-2015-9240 Source advisory: OSV:GHSA-39PJ-GQ8Q-9PFJ...
CVE-2015-9240
CVE-2015-9240 affects the keystone node module prior to 0.3.16. The vulnerability is a partial authentication bypass in the default sign-in flow: if an attacker provides a full and correct password but only a partial email address, authentication can be granted. Affected component is the keystone...