Lucene search
Veracode Vulnerability DatabaseVERACODE:25145HistoryApr 30, 2020 - 4:18 a.m.
Authentication Bypass
2020-04-3004:18:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
EPSS
0.004
Percentile
73.3%
faye is vulnerable to authentication bypass. The vulnerability exists through the way Faye server recognizes meta channels, treating a message to any channel that is a prefix-match for one of the special channels /meta/handshake, /meta/connect, /meta/subscribe, /meta/unsubscribe, /meta/disconnect.
Related
osv
osv
CVE-2020-11020
2020-04-29 18:15:13
Authentication and extension bypass in Faye
2020-04-29 17:41:15
rubygems
rubygems
Authentication and extension bypass in Faye
2020-04-28 21:00:00
prion
prion
Authentication flaw
2020-04-29 18:15:00
github
github
Authentication and extension bypass in Faye
2020-04-29 17:41:15
cvelist
cvelist
CVE-2020-11020 Authentication and extension bypass in Faye
2020-04-29 17:35:12
cve
cve
CVE-2020-11020
2020-04-29 18:15:13
debiancve
debiancve
CVE-2020-11020
2020-04-29 18:15:13
ubuntucve
ubuntucve
CVE-2020-11020
2020-04-29 00:00:00
nvd
nvd
CVE-2020-11020
2020-04-29 18:15:13