exploitDog

GHSA-xg8h-3f53-j5px

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys.

The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys.

Ссылки

EPSS

Процентиль: 26%

0.0009

Низкий

CVE ID

Дефекты

CWE-330

Связанные уязвимости

CVE-2021-23020

CVSS3: 5.5

nvd

больше 4 лет назад

The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys.

EPSS

Процентиль: 26%

0.0009

Низкий

CVE ID

Дефекты

CWE-330