exploitDog

GHSA-6j5c-gc78-pqgr

Опубликовано: 20 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack.

A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack.

Ссылки

EPSS

Процентиль: 19%

0.00061

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-305

CWE-307

Связанные уязвимости

CVE-2025-56224

CVSS3: 8.1

nvd

4 месяца назад

A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack.

EPSS

Процентиль: 19%

0.00061

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-305

CWE-307