Количество 2
Количество 2
CVE-2024-25718
почти 2 года назад
In the Samly package before 1.4.0 for Elixir, Samly.State.Store.get_assertion/3 can return an expired session, which interferes with access control because Samly.AuthHandler uses a cached session and does not replace it, even after expiry.
CVSS3: 9.8
EPSS: Низкий
GHSA-h3rw-77w7-92gf
почти 2 года назад
Samly access control vulnerability
CVSS3: 9.1
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-25718 In the Samly package before 1.4.0 for Elixir, Samly.State.Store.get_assertion/3 can return an expired session, which interferes with access control because Samly.AuthHandler uses a cached session and does not replace it, even after expiry. | CVSS3: 9.8 | 0% Низкий | почти 2 года назад |
| GHSA-h3rw-77w7-92gf Samly access control vulnerability | CVSS3: 9.1 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу
20