Количество 2
Количество 2
CVE-2019-12396
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-5440. Reason: This candidate is a reservation duplicate of CVE-2019-5440. Notes: All CVE users should reference CVE-2019-5440 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
GHSA-5wjq-mgcp-p99w
An issue was discovered in Revive Adserver before 4.2.1. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() uses an insecure way to generate a password reset token. The token relies on the PHP uniqid function and consequently depends only on the current server time, which is often visible in an HTTP Date header.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-12396 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-5440. Reason: This candidate is a reservation duplicate of CVE-2019-5440. Notes: All CVE users should reference CVE-2019-5440 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | больше 6 лет назад | ||
| GHSA-5wjq-mgcp-p99w An issue was discovered in Revive Adserver before 4.2.1. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() uses an insecure way to generate a password reset token. The token relies on the PHP uniqid function and consequently depends only on the current server time, which is often visible in an HTTP Date header. | больше 3 лет назад |
Уязвимостей на страницу