Количество 4
Количество 4
CVE-2017-12868
The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation.
CVE-2017-12868
The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation.
CVE-2017-12868
The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleS ...
GHSA-j96g-47x2-46hv
SimpleSAMLphp Session fixation issue and authentication bypass in the authcrypt module
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-12868 The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation. | CVSS3: 9.8 | 1% Низкий | почти 8 лет назад |
 | CVE-2017-12868 The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation. | CVSS3: 9.8 | 1% Низкий | почти 8 лет назад |
| CVE-2017-12868 The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleS ... | CVSS3: 9.8 | 1% Низкий | почти 8 лет назад |
| GHSA-j96g-47x2-46hv SimpleSAMLphp Session fixation issue and authentication bypass in the authcrypt module | CVSS3: 9.8 | 1% Низкий | около 3 лет назад |
Уязвимостей на страницу