Количество 3
Количество 3
CVE-2018-12540
In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet.
CVE-2018-12540
In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet.
GHSA-rvgg-f8qm-6h7j
High severity vulnerability that affects io.vertx:vertx-web
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-12540 In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet. | CVSS3: 6.8 | 2% Низкий | больше 7 лет назад |
 | CVE-2018-12540 In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet. | CVSS3: 8.8 | 2% Низкий | больше 7 лет назад |
| GHSA-rvgg-f8qm-6h7j High severity vulnerability that affects io.vertx:vertx-web | 2% Низкий | больше 7 лет назад |
Уязвимостей на страницу