Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:59 p.m.5 views

CVE-2022-42731

mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows a replay attack that could be used to register another device for a user. The device registration challenge is not invalidated after usage...

7.5CVSS6.7AI score0.01005EPSS
Exploits1References1
NVD
NVD
added 2022/10/11 2:15 p.m.25 views

CVE-2022-42731

mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows a replay attack that could be used to register another device for a user. The device registration challenge is not invalidated after usage...

7.5CVSS0.01005EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/10/11 12:0 a.m.6 views

CVE-2022-42731

mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows a replay attack that could be used to register another device for a user. The device registration challenge is not invalidated after usage...

7.4AI score0.01005EPSS
Exploits1References3
CVE
CVE
added 2022/10/11 12:0 a.m.86 views

CVE-2022-42731

CVE-2022-42731 affects django-mfa2, specifically the mfa/FIDO2.py component. The vulnerability is a replay attack where the device registration challenge is not invalidated after use, enabling an attacker to register another device for a user. Affected versions are before 2.5.1 and 2.6.x before 2...

7.5CVSS7.3AI score0.01005EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/10/11 12:0 a.m.15 views

CVE-2022-42731

mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows a replay attack that could be used to register another device for a user. The device registration challenge is not invalidated after usage...

7.5CVSS7.4AI score0.01005EPSS
Exploits1References5
Rows per page
Query Builder