GO-2024-3287 Apache Answer: Predictable Authorization Token Using UUIDv1 in github.com/apache/incubator-answer

Apache Answer: Predictable Authorization Token Using UUIDv1 in github.com/apache/incubator-answer...

Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

GHSA-MR95-VFCF-FX9P Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

CVE-2024-45719 Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

CVE-2024-45719 Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

Mail.ru: [c-api.city-mobil.ru] IDOR chat messages between driver and customer

UUIDv1 was used as identifier in c-api.city-mobil.ru for some APIs where identifier was intended to be non-brutable while UUIDv1 entropy is insufficient...