Количество 2
Количество 2
CVE-2020-5205
около 6 лет назад
In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability.
CVSS3: 6.5
EPSS: Низкий
GHSA-v2wf-c3j6-wpvw
почти 4 года назад
Session fixation
CVSS3: 6.5
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-5205 In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability. | CVSS3: 6.5 | 0% Низкий | около 6 лет назад |
| GHSA-v2wf-c3j6-wpvw Session fixation | CVSS3: 6.5 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу
20