4 matches found
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the trustedCertPool function, which only parses the first PEM block from CA certificate files. An attacker can bypass certificate chain validation by providing a multi-certificate PEM bundle where only...
Improper Access Control
Overview kaminari is a Scope & Engine based, clean, powerful, agnostic, customizable and sophisticated paginator for Rails 4+. Affected versions of this package are vulnerable to Improper Access Control due to improper handling of file permissions. An attacker can modify application behavior or...
PT-2024-25025 · Kaminari · Kaminari
Name of the Vulnerable Software and Affected Versions: Kaminari versions prior to 0.16.2 Description: A security issue involving insecure file permissions has been identified in the Kaminari pagination library for Ruby on Rails. This issue is of moderate severity due to the potential for...
PT-2020-8616 · Unknown +1 · Bitcoin Core +2
Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions 0.16.0 through 0.16.1 Bitcoin Knots versions 0.16.0 through 0.16.1 Description: The issue allows remote denial of service via a flood of multiple transaction inv messages with random hashes. This can also affect other...