Lucene search
K

6 matches found

OSV
OSV
added 2024/11/22 9:32 p.m.14 views

GHSA-MR95-VFCF-FX9P Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

2.6CVSS3.5AI score0.00229EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/11/22 9:32 p.m.22 views

Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

2.6CVSS7AI score0.00229EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/11/22 2:36 p.m.19 views

CVE-2024-45719 Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

0.00229EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 2:36 p.m.16 views

CVE-2024-45719 Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

6.8AI score0.00229EPSS
Exploits0References1
NVD
NVD
added 2023/08/02 1:15 p.m.35 views

CVE-2023-26451

Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, other users accounts...

7.5CVSS7.5AI score0.00995EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/08/02 12:23 p.m.27 views

CVE-2023-26451

Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, other users accounts...

7.5CVSS7.7AI score0.00995EPSS
Exploits0References4
Rows per page
Query Builder