Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:47 a.m.6 views

CVE-2022-39228

vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...

6.5CVSS6.9AI score0.00591EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/03/01 5:15 p.m.6 views

vantage6-node (>=3.3.3 <=3.7.3), vantage6-server (>=3.3.3 <=3.7.3) potentially affected by CVE-2022-39228 via vantage6 (>=3.3.3 <=3.7.3)

vantage6 PYPI version =3.3.3, =3.3.3, =3.3.3, =3.7.3 Source cves: CVE-2022-39228 Source advisory: OSV:PYSEC-2023-313...

6.5CVSS6.5AI score0.00591EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/03/01 5:15 p.m.4 views

vantage6-node (>=3.3.3 <=3.7.3), vantage6-server (>=3.3.3 <=3.7.3) potentially affected by CVE-2022-39228 via vantage6 (>=3.3.3 <=3.7.3)

vantage6 PYPI version =3.3.3, =3.3.3, =3.3.3, =3.7.3 Source cves: CVE-2022-39228 Source advisory: OSV:PYSEC-2023-52...

6.5CVSS6.5AI score0.00591EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/03/01 4:23 p.m.6 views

CVE-2022-39228 Observable Response Discrepancy in vantage6

vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...

5.3CVSS6.7AI score0.00591EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/03/01 4:23 p.m.56 views

CVE-2022-39228 Observable Response Discrepancy in vantage6

vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...

5.3CVSS6.7AI score0.00591EPSS
Exploits0References4
CVE
CVE
added 2023/03/01 4:23 p.m.67 views

CVE-2022-39228

CVE-2022-39228 affects vantage6, a privacy-preserving federated learning infrastructure. The issue is an information-disclosure bug where the system does not clearly reveal whether a username exists when credentials are entered, enabling a potential username enumeration risk. The vulnerability is...

6.5CVSS5.8AI score0.00591EPSS
Exploits0References4Affected Software1
vulnersOsv
vulnersOsv
added 2023/02/28 11:18 p.m.4 views

vantage6-node (>=0.0.0 <=3.11.1), vantage6-server (>=0.0.0 <=3.11.1) potentially affected by CVE-2022-39228 via vantage6 (>=0.0.0 <=3.7.3)

vantage6 PYPI version =0.0.0, =0.0.0, =0.0.0, =3.11.1 Source cves: CVE-2022-39228 Source advisory: OSV:GHSA-36GX-9Q6H-G429...

6.5CVSS6.5AI score0.00591EPSS
Exploits0
Rows per page
Query Builder