7 matches found
CVE-2022-39228
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...
vantage6-node (>=3.3.3 <=3.7.3), vantage6-server (>=3.3.3 <=3.7.3) potentially affected by CVE-2022-39228 via vantage6 (>=3.3.3 <=3.7.3)
vantage6 PYPI version =3.3.3, =3.3.3, =3.3.3, =3.7.3 Source cves: CVE-2022-39228 Source advisory: OSV:PYSEC-2023-313...
vantage6-node (>=3.3.3 <=3.7.3), vantage6-server (>=3.3.3 <=3.7.3) potentially affected by CVE-2022-39228 via vantage6 (>=3.3.3 <=3.7.3)
vantage6 PYPI version =3.3.3, =3.3.3, =3.3.3, =3.7.3 Source cves: CVE-2022-39228 Source advisory: OSV:PYSEC-2023-52...
CVE-2022-39228 Observable Response Discrepancy in vantage6
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...
CVE-2022-39228 Observable Response Discrepancy in vantage6
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...
CVE-2022-39228
CVE-2022-39228 affects vantage6, a privacy-preserving federated learning infrastructure. The issue is an information-disclosure bug where the system does not clearly reveal whether a username exists when credentials are entered, enabling a potential username enumeration risk. The vulnerability is...
vantage6-node (>=0.0.0 <=3.11.1), vantage6-server (>=0.0.0 <=3.11.1) potentially affected by CVE-2022-39228 via vantage6 (>=0.0.0 <=3.7.3)
vantage6 PYPI version =0.0.0, =0.0.0, =0.0.0, =3.11.1 Source cves: CVE-2022-39228 Source advisory: OSV:GHSA-36GX-9Q6H-G429...