5 matches found
GHSA-67FW-W8F2-88WP casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification
An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey method...
CVE-2024-41264
An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey method...
CVE-2024-41264
An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey method...
CVE-2024-41264
The connected sources confirm a vulnerability in casdoor v1.636.0 where ssh.InsecureIgnoreHostKey() disables host key verification, enabling attackers to obtain sensitive information. The issue is described across multiple feeds (Red Hat, OSV, Veracode, GHSA, CNNVD, CVE records) with consistent d...
CVE-2024-41264
An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey method...