Описание
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation.
Отчет
The CVE-2022-1955 is not related to perl-snmp-session. It is something related to oxen-io/session-android package which does not shipped in RHEL and not even Fedora.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | perl-SNMP_Session | Not affected | ||
| Red Hat Enterprise Linux 7 | perl-SNMP_Session | Not affected | ||
| Red Hat Enterprise Linux 8 | perl-SNMP_Session | Not affected | ||
| Red Hat Enterprise Linux 9 | perl-SNMP_Session | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
0 Low
CVSS3
Связанные уязвимости
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation.
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation.
EPSS
0 Low
CVSS3