Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/11/27 1:4 p.m.10 views

CVE-2025-55796

The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...

7.5CVSS7.1AI score0.00517EPSS
Exploits1References1
NVD
NVD
added 2025/11/18 5:16 p.m.14 views

CVE-2025-55796

The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...

7.5CVSS0.00517EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/11/18 12:0 a.m.4 views

CVE-2025-55796

The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...

6.7AI score0.00517EPSS
Exploits1References3
CVE
CVE
added 2025/11/18 12:0 a.m.18 views

CVE-2025-55796

OpenML Frontend (openml.org) web app version v2.0.20241110 is affected by a token-generation flaw. Tokens used for signup confirmation, password resets, email confirmations/resends, and email changes are MD5-based and generated from the current timestamp (format "%d %H:%M:%S") without user-specif...

7.5CVSS6.7AI score0.00517EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder