exploitDog

GHSA-xppm-x368-2qjm

Опубликовано: 06 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

In affected versions of Octopus Server it was identified that the same encryption process was used for both encrypting session cookies and variables.

In affected versions of Octopus Server it was identified that the same encryption process was used for both encrypting session cookies and variables.

Ссылки

EPSS

Процентиль: 19%

0.0006

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-326

Связанные уязвимости

CVE-2022-2781

CVSS3: 5.3

nvd

больше 3 лет назад

In affected versions of Octopus Server it was identified that the same encryption process was used for both encrypting session cookies and variables.

EPSS

Процентиль: 19%

0.0006

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-326