Lucene search
K

10 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-25896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed. CVE-2022-25896 Note that...

5.8CVSS5.7AI score0.00985EPSS
Exploits0References3
ibm
ibm
added 2024/08/08 6:23 p.m.13 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to session hijacking due to Node.js passport module ( CVE-2022-25896 )

Summary Node.js passport module is used by IBM Cloud Pak for Data as part of the platform. CVE-2022-25896. Vulnerability Details CVEID:CVE-2022-25896 DESCRIPTION: Node.js passport module could allow a remote attacker to hijack a user's session, caused by a session fixation vulnerability. An...

5.8CVSS6.3AI score0.00985EPSS
Exploits0Affected Software1
ibm
ibm
added 2023/04/05 6:42 p.m.166 views

Security Bulletin: Node.js passport is vulnerable to CVE-2022-25896 used in IBM Maximo Application Suite

Summary There is one vulnerability in passport-0.4.1.tgz used by IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-25896 DESCRIPTION: Node.js passport module could allow a remote attacker to hijack a user's session, caused by a session fixation vulnerability. An attacker could...

5.8CVSS5AI score0.00985EPSS
Exploits0Affected Software1
redhat
redhat
added 2022/11/02 2:5 p.m.191 views

Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.2 security update and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

7.5CVSS6.6AI score0.04923EPSS
Exploits2References9
redhatcve
redhatcve
added 2022/07/28 11:9 a.m.35 views

CVE-2022-25896

A misleading session regeneration flaw was found in passport. When a user logs in or logs out, the session is regenerated instead of being closed. This flaw allows an attacker to use a previous session in particular environments. Mitigation Mitigation for this issue is either not available or the...

4.8CVSS1.5AI score0.00985EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2022/07/01 8:15 p.m.47 views

CVE-2022-25896

This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed...

5.8CVSS6.3AI score0.00985EPSS
Exploits0References4
cve
cve
added 2022/07/01 8:6 p.m.257 views

CVE-2022-25896

CVE-2022-25896 affects the passport package prior to v0.6.0, where a user login/logout regenerates the session instead of closing it, enabling potential session hijacking of regenerated sessions. Public details confirm the vulnerable component (passport) and the fixed threshold (0.6.0+). The prov...

5.8CVSS5.3AI score0.00985EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2022/07/01 8:6 p.m.26 views

CVE-2022-25896 Session Fixation

This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed...

4.8CVSS5.3AI score0.00985EPSS
Exploits0References3
debiancve
debiancve
added 2022/07/01 8:6 p.m.40 views

CVE-2022-25896

This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed...

5.8CVSS5.4AI score0.00985EPSS
Exploits0
vulnersosv
vulnersosv
added 2022/05/20 9:9 a.m.6 views

1batch (=1.0.0), 30-lines-telegram-bot (>=1.0.0 <=1.0.1) +4707 more potentially affected by CVE-2022-25896 via passport (>=0.1.10 <=0.5.3)

passport NPM version =0.1.10, =1.0.0, =1.1.0, =4.11.0, =0.1.0, =0.0.1, =1.0.3, =1.0.0, =1.0.0, =1.0.0, =0.0.1, =1.1.18 and more Source cves: CVE-2022-25896 Source advisory: SNYK:JS-PASSPORT-2840631...

5.8CVSS6.1AI score0.00985EPSS
Exploits0
Rows per page
Query Builder