4 matches found
CVE-2024-29868 Apache StreamPipes, Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation
Use of Cryptographically Weak Pseudo-Random Number Generator PRNG vulnerability in Apache StreamPipes user self-registration and password recovery mechanism. This allows an attacker to guess the recovery token in a reasonable time and thereby to take over the attacked user's account. This issue...
json-smart Uncontrolled Recursion vulnerability
Impact Affected versions of net.minidev:json-smart are vulnerable to Denial of Service DoS due to a StackOverflowError when parsing a deeply nested JSON array or object. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered tha...
nvd.nist.gov Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1159706 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
Fedora 31 : php-robrichards-xmlseclibs1 (2020-46d0f456a9)
1.4.3 12, Nov 2019 Security Improvements : - Insure only a single SignedInfo element exists within a signature during verification. Refs CVE-2019-3465. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...