CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Veracode•added 2022/07/04 4:26 a.m.•52 views

Session Fixation

passport is vulnerable to session fixation. A remote unauthenticated attacker is able to gain access to guest sessions because when a user logs in or logs out, the session is regenerated instead of being closed...

4.8CVSS6.1AI score0.00812EPSS

Exploits0References2Affected Software1

vulnersOsv•added 2022/07/02 12:0 a.m.•3 views

1batch (=1.0.0), 30-lines-telegram-bot (>=1.0.0 <=1.0.1) +4714 more potentially affected by CVE-2022-25896 via passport (>=0.1.10 <=0.5.3)

passport NPM version =0.1.10, =1.0.0, =1.1.0, =4.11.0, =0.1.0, =0.0.1, =1.0.3, =1.0.0, =1.0.0, =1.0.0, =0.0.1, =1.1.18 and more Source cves: CVE-2022-25896 Source advisory: OSV:GHSA-V923-W3X8-WH69...

5.8CVSS6.1AI score0.00812EPSS

Exploits0

ATTACKERKB•added 2022/07/01 8:0 p.m.•1 views

CVE-2022-25896

This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed...

5.8CVSS6.3AI score0.00812EPSS

Exploits0References4

vulnersOsv•added 2022/05/20 9:9 a.m.•2 views

1batch (=1.0.0), 30-lines-telegram-bot (>=1.0.0 <=1.0.1) +4714 more potentially affected by CVE-2022-25896 via passport (>=0.1.10 <=0.5.3)

passport NPM version =0.1.10, =1.0.0, =1.1.0, =4.11.0, =0.1.0, =0.0.1, =1.0.3, =1.0.0, =1.0.0, =1.0.0, =0.0.1, =1.1.18 and more Source cves: CVE-2022-25896 Source advisory: SNYK:JS-PASSPORT-2840631...

5.8CVSS6.1AI score0.00812EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by