Lucene search
K

5 matches found

OSV
OSV
added 2024/02/13 6:30 a.m.13 views

GHSA-747X-5M58-MQ97 svix vulnerable to Authentication Bypass

Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches the beginning of th...

6.8CVSS6AI score0.0041EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/02/13 6:30 a.m.21 views

svix vulnerable to Authentication Bypass

Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches the beginning of th...

6.5CVSS7.1AI score0.0041EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/02/13 5:15 a.m.17 views

CVE-2024-21491

Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches the beginning of th...

6.5CVSS7.1AI score
Exploits0References4
Prion
Prion
added 2024/02/13 5:15 a.m.21 views

Authentication flaw

Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches the beginning of th...

4CVSS7.1AI score0.0041EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/02/13 5:0 a.m.8 views

CVE-2024-21491

Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches the beginning of th...

5.9CVSS6.4AI score0.0041EPSS
Exploits0References4
Rows per page
Query Builder