Lucene search
K

3 matches found

vulnersOsv
vulnersOsv
added 2025/09/16 10:20 p.m.6 views

com.datasqrl:sqrl-discovery (>=0.7.0 <=0.8.7), com.datasqrl:sqrl-planner (>=0.7.0 <=0.8.7) +20 more potentially affected by CVE-2025-59432 via com.ongres.scram:scram-common (>=3.0 <=3.1)

com.ongres.scram:scram-common MAVEN version =3.0, =0.7.0, =0.7.0, =0.7.0, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =1.0.0, =3.0, =2.4.0-RC1, =2.4.0-rc1 and more Source cves: CVE-2025-59432 Source advisory: SNYK:JAVA-COMONGRESSCRAM-12818392...

8.7CVSS5.8AI score0.00835EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/16 10:20 p.m.5 views

com.datasqrl:sqrl-discovery (>=0.7.0 <=0.8.7), com.datasqrl:sqrl-planner (>=0.7.0 <=0.8.7) +20 more potentially affected by CVE-2025-59432 via com.ongres.scram:scram-common (>=3.0 <=3.1)

com.ongres.scram:scram-common MAVEN version =3.0, =0.7.0, =0.7.0, =0.7.0, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =1.0.0, =3.0, =2.4.0-RC1, =2.4.0-rc1 and more Source cves: CVE-2025-59432 Source advisory: OSV:GHSA-3WFH-36RX-9537...

8.7CVSS5.8AI score0.00835EPSS
Exploits0
Snyk
Snyk
added 2025/09/16 10:20 p.m.1 views

Timing Attack

Overview Affected versions of this package are vulnerable to Timing Attack via the verifyClientProof function which use Arrays.equals function. An attacker can infer sensitive authentication material by exploiting timing differences during the comparison of secret values. Remediation Upgrade...

8.7CVSS6.8AI score0.00835EPSS
Exploits0References2
Rows per page
Query Builder