Lucene search
K

4 matches found

OSV
OSV
added 2025/11/20 3:30 p.m.3 views

GHSA-62VX-HPCR-M9CH @perfood/couch-auth may expose session tokens, passwords

Session tokens and passwords in couch-auth 0.21.2 are stored in JavaScript objects and remain in memory without explicit clearing in src/user.ts lines 700-707. This creates a window of opportunity for sensitive data extraction through memory dumps, debugging tools, or other memory access...

8.7CVSS6.7AI score0.00182EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/20 12:0 a.m.6 views

CVE-2025-60794

Session tokens and passwords in couch-auth 0.21.2 are stored in JavaScript objects and remain in memory without explicit clearing in src/user.ts lines 700-707. This creates a window of opportunity for sensitive data extraction through memory dumps, debugging tools, or other memory access...

0.00182EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/20 12:0 a.m.2 views

CVE-2025-60794

Session tokens and passwords in couch-auth 0.21.2 are stored in JavaScript objects and remain in memory without explicit clearing in src/user.ts lines 700-707. This creates a window of opportunity for sensitive data extraction through memory dumps, debugging tools, or other memory access...

6.3AI score0.00182EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 8:35 a.m.4 views

CVE-2024-32151

User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under...

5.9CVSS8.7AI score0.01281EPSS
Exploits1References1
Rows per page
Query Builder