Lucene search
Veracode Vulnerability DatabaseVERACODE:32488HistoryOct 13, 2021 - 7:13 p.m.
Access Restriction Bypass
2021-10-1319:13:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
py-bcrypt
vulnerability
improper access control
password hash overwriting
security restrictions
EPSS
0.016
Percentile
87.6%
py-bcrypt is vulnerable to Improper Access Control. The vulnerability exists due to improper handling of concurrent memory access in py-bcrypt module which triggers password hash overwriting, allowing an attacker to bypass security restrictions.
References
lists.fedoraproject.org/pipermail/package-announce/2013-April/101382.html
lists.fedoraproject.org/pipermail/package-announce/2013-April/101387.html
www.openwall.com/lists/oss-security/2013/03/26/2
www.securityfocus.com/bid/58702
bugzilla.redhat.com/show_bug.cgi?id=927510
exchange.xforce.ibmcloud.com/vulnerabilities/83039
lists.fedoraproject.org/pipermail/package-announce/2013-April/101382.html
Related
seebug
seebug
Python 'py-bcrypt' 樑εθΊ«δ»½ιͺθ―η»θΏζΌζ΄(CVE-2013-1895)
2013-03-27 00:00:00
debiancve
debiancve
CVE-2013-1895
2020-01-28 15:15:14
openvas
openvas
Fedora Update for py-bcrypt FEDORA-2013-4447
2013-04-05 00:00:00
Fedora Update for py-bcrypt FEDORA-2013-4424
2013-04-05 00:00:00
Fedora Update for py-bcrypt FEDORA-2013-4447
2013-04-05 00:00:00
ubuntucve
ubuntucve
CVE-2013-1895
2020-01-28 00:00:00
nessus
nessus
Fedora 18 : py-bcrypt-0.3-1.fc18 (2013-4447)
2013-04-05 00:00:00
Fedora 17 : py-bcrypt-0.3-1.fc17 (2013-4424)
2013-04-05 00:00:00
osv
osv
Improper Restriction of Excessive Authentication Attempts in py-bcrypt
2021-10-12 16:31:22
PYSEC-2020-249
2020-01-28 15:15:00
prion
prion
Authentication flaw
2020-01-28 15:15:00
cve
cve
CVE-2013-1895
2020-01-28 15:15:14
fedora
fedora
[SECURITY] Fedora 17 Update: py-bcrypt-0.3-1.fc17
2013-04-04 23:51:52
[SECURITY] Fedora 18 Update: py-bcrypt-0.3-1.fc18
2013-04-04 23:50:33
nvd
nvd
CVE-2013-1895
2020-01-28 15:15:14
cvelist
cvelist
CVE-2013-1895
2020-01-28 14:30:24
github
github
Improper Restriction of Excessive Authentication Attempts in py-bcrypt
2021-10-12 16:31:22