Описание
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, predictable verification hashes may allow attackers to guess verification tokens and potentially verify election account requests without authorization. This issue has been patched in version 1.33.0.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.33.0 (исключая)
cpe:2.3:a:pear:pearweb:*:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00033
Низкий
7.5 High
CVSS3
Дефекты
CWE-337
Связанные уязвимости
CVSS3: 7.5
ubuntu
4 дня назад
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, predictable verification hashes may allow attackers to guess verification tokens and potentially verify election account requests without authorization. This issue has been patched in version 1.33.0.
CVSS3: 7.5
debian
4 дня назад
PEAR is a framework and distribution system for reusable PHP component ...
EPSS
Процентиль: 9%
0.00033
Низкий
7.5 High
CVSS3
Дефекты
CWE-337