6 matches found
CVE-2020-4045
SSB-DB version 20.0.0 has an information disclosure vulnerability. The get method is supposed to only decrypt messages when you explicitly ask it to, but there is a bug where it's decrypting any message that it can. This means that it is returning the decrypted content of private messages, which ...
CVE-2020-4045
SSB-DB version 20.0.0 has an information disclosure vulnerability. The get method is supposed to only decrypt messages when you explicitly ask it to, but there is a bug where it's decrypting any message that it can. This means that it is returning the decrypted content of private messages, which ...
Information disclosure
SSB-DB version 20.0.0 has an information disclosure vulnerability. The get method is supposed to only decrypt messages when you explicitly ask it to, but there is a bug where it's decrypting any message that it can. This means that it is returning the decrypted content of private messages, which ...
CVE-2020-4045 Information disclosure in SSB-DB
SSB-DB version 20.0.0 has an information disclosure vulnerability. The get method is supposed to only decrypt messages when you explicitly ask it to, but there is a bug where it's decrypting any message that it can. This means that it is returning the decrypted content of private messages, which ...
GHSA-MPGR-2CX9-327H Information disclosure in SSB-DB
Impact What kind of vulnerability is it? Who is impacted? Servers running SSB-DB 20.0.0 which is packaged with SSB-Server 16.0.0 must upgrade immediately. There is no evidence that other SSB apps are vulnerable or that this problem has been exploited in the wild. The get method is supposed to onl...
Information disclosure in SSB-DB
Impact What kind of vulnerability is it? Who is impacted? Servers running SSB-DB 20.0.0 which is packaged with SSB-Server 16.0.0 must upgrade immediately. There is no evidence that other SSB apps are vulnerable or that this problem has been exploited in the wild. The get method is supposed to onl...