Lucene search
K

7 matches found

OSV
OSV
added 2024/06/11 12:15 p.m.4 views

CVE-2024-35206

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected application does not expire the session. This could allow an attacker to get unauthorized access...

8.5CVSS7AI score0.00328EPSS
Exploits0References1
OSV
OSV
added 2021/02/17 12:15 p.m.7 views

CVE-2021-22553

Any git operation is passed through Jetty and a session is created. No expiry is set for the session and Jetty does not automatically dispose of the session. Over multiple git actions, this can lead to a heap memory exhaustion for Gerrit servers. We recommend upgrading Gerrit to any of the versio...

7.5CVSS7.1AI score0.00355EPSS
Exploits0References1
OSV
OSV
added 2018/12/20 10:1 p.m.16 views

GHSA-MR4X-C4V9-X729 aiohttp-session creates non-expiring sessions

aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value...

7.1CVSS6.3AI score0.00965EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2018/12/20 10:1 p.m.25 views

aiohttp-session creates non-expiring sessions

aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value...

6.5CVSS6.2AI score0.00965EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2018/12/20 3:29 p.m.11 views

Improper access control

aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value...

4CVSS6.4AI score0.00965EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2018/12/20 3:29 p.m.7 views

PYSEC-2018-35

aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value...

6.5CVSS6.8AI score0.00965EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2018/12/20 3:29 p.m.17 views

CVE-2018-1000814

aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value...

6.5CVSS6.4AI score
Exploits0References2
Rows per page
Query Builder