📚 parse-server on npm Session Token operation on a resource after expiration

🕛 Zeit seit Veröffentlichung: 1231 Tage, 16 Stunden 12 Minuten
📆 Veröffentlicht am: 26.11.2020 um 14:14 Uhr
💡 Newskategorie: Sicherheitslücken
🔗 Quelle: vuldb.com

A vulnerability classified as problematic has been found in parse-server on npm (version unknown). Affected is some unknown functionality of the component Session Token Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. ...

Sharing is caring on Social Media

Join the Team IT Security Community

📌 Fortinet FortiDeceptor up to 3.0.0 Session Expiration session expiration

🕛 1262 Tage, 11 Stunden 39 Minuten
📆 26.10.2020 um 17:26 Uhr
📈 49.54 Punkte

📌 SAP Disclosure Management 10.1 Session Expiration session expiration

🕛 1258 Tage, 12 Stunden 38 Minuten
📆 30.10.2020 um 16:49 Uhr
📈 49.54 Punkte

📌 SAP Disclosure Management 10.1 Session Expiration session expiration

🕛 1258 Tage, 12 Stunden 38 Minuten
📆 30.10.2020 um 16:45 Uhr
📈 49.54 Punkte

📌 IBM Security Access Manager up to 9.0.6 Session Expiration Session Token weak authentication

🕛 1383 Tage, 11 Stunden 38 Minuten
📆 27.06.2020 um 17:44 Uhr
📈 44.59 Punkte

📌 Ubuntu Linux 5.0/5.3 Overlayfs/shiftfs call_mmap Variable Underflow operation on a resource after expiration

🕛 1276 Tage, 12 Stunden 38 Minuten
📆 12.10.2020 um 16:54 Uhr
📈 39.28 Punkte

📌 Ubuntu Linux 5.0/5.3 shiftfs shiftfs_btrfs_ioctl_fd_replace Underflow operation on a resource after expiration

🕛 1276 Tage, 12 Stunden 38 Minuten
📆 12.10.2020 um 16:25 Uhr
📈 39.28 Punkte

📌 WordPress up to 5.3.3 Password Reset Link operation on a resource after expiration

🕛 1274 Tage, 13 Stunden 39 Minuten
📆 14.10.2020 um 16:04 Uhr
📈 39.28 Punkte

📌 Eclipse Jetty up to 9.4.29.v20200521 Long Request HTTP Response Header Memory operation on a resource after expiration

🕛 1259 Tage, 19 Stunden 38 Minuten
📆 29.10.2020 um 09:47 Uhr
📈 39.28 Punkte

📌 On trusting NPM: Early in the month, Lance R. Vick noticed that the maintainer of the NPM foreach package let their personal email domain expire, so they bought it and now “controls foreach on NPM and the 36,826 projects that depend on it”.

🕛 674 Tage, 8 Stunden 41 Minuten
📆 06.06.2022 um 21:38 Uhr
📈 37.33 Punkte

📌 Question about TLS/SSL session. So, on my PC, I had an active https session with my bank via mobile hotspot on my iPhone. I enabled VPN session on my iPhone, but the session on my PC did not break. Should it have?

🕛 2053 Tage, 6 Stunden 40 Minuten
📆 27.08.2018 um 23:05 Uhr
📈 35.92 Punkte

📌 OpenStack Keystone up to 15.0.0/16.0.0 OAuth1 Access Token session expiration

🕛 1273 Tage, 9 Stunden 39 Minuten
📆 15.10.2020 um 19:27 Uhr
📈 35.6 Punkte

📌 CVE-2023-23929 | vantage6 prior 3.8.0 Refresh Token session expiration

🕛 377 Tage, 21 Stunden 18 Minuten
📆 30.03.2023 um 08:39 Uhr
📈 35.6 Punkte

📌 CVE-2023-20903 | Cloud Foundry UAA IDP Token session expiration

🕛 360 Tage, 14 Stunden 6 Minuten
📆 16.04.2023 um 16:04 Uhr
📈 35.6 Punkte

📌 JetBrains TeamCity prior 2019.2.1 Session session expiration

🕛 1277 Tage, 12 Stunden 23 Minuten
📆 11.10.2020 um 17:40 Uhr
📈 33.75 Punkte

📌 JetBrains Space up to 2020-04-22 Session Timeout session expiration

🕛 1277 Tage, 11 Stunden 8 Minuten
📆 11.10.2020 um 18:12 Uhr
📈 33.75 Punkte

📌 Lan ATMService M3 ATM Monitoring System 6.1.0 Session PHPSESSID session expiration

🕛 1212 Tage, 13 Stunden 24 Minuten
📆 15.12.2020 um 16:37 Uhr
📈 33.75 Punkte

📌 Telegram App Terminate Session session expiration [CVE-2021-27351]

🕛 1134 Tage, 8 Stunden 10 Minuten
📆 03.03.2021 um 22:30 Uhr
📈 33.75 Punkte

📌 Kibana up to 6.8.14/7.11.x Session Timeout session expiration

🕛 1060 Tage, 18 Stunden 40 Minuten
📆 16.05.2021 um 11:04 Uhr
📈 33.75 Punkte

📌 CVE-2022-33137 | Siemens SIMATIC MV540 H up to 3.2 Web Session Management session expiration (ssa-348662)

🕛 629 Tage, 16 Stunden 22 Minuten
📆 21.07.2022 um 14:37 Uhr
📈 33.75 Punkte

📌 CVE-2022-2888 | OctoPrint Session Cookie session expiration

🕛 537 Tage, 10 Stunden 7 Minuten
📆 21.10.2022 um 19:30 Uhr
📈 33.75 Punkte

📌 CVE-2019-11168 | Intel Baseboard Management Controller Session session expiration (K64346530)

🕛 56 Tage, 17 Stunden 33 Minuten
📆 14.02.2024 um 12:19 Uhr
📈 33.75 Punkte

📌 Medium CVE-2021-23346: Html-parse-stringify project Html-parse-stringify

🕛 1128 Tage, 13 Stunden 55 Minuten
📆 04.03.2021 um 21:30 Uhr
📈 32.62 Punkte

📌 Medium CVE-2021-29932: Parse duration project Parse duration

🕛 1101 Tage, 10 Stunden 40 Minuten
📆 01.04.2021 um 12:30 Uhr
📈 32.62 Punkte

📌 cpython up to 3.6.12/3.7.9/3.8.7/3.9.1 urllib.parse.parse_qsl/urllib.parse.parse_qs request smuggling

🕛 1136 Tage, 9 Stunden 40 Minuten
📆 01.03.2021 um 20:38 Uhr
📈 32.62 Punkte

📌 CVE-2016-6290 | PHP up to 7.0.8 Session ext/session/session.c unserialize use after free (Nessus ID 119979 / ID 175796)

🕛 579 Tage, 21 Stunden 9 Minuten
📆 09.09.2022 um 09:02 Uhr
📈 31.87 Punkte

📌 Oracle FLEXCUBE Private Banking 12.0.0/12.1.0 Demographics operation after expiration

🕛 1081 Tage, 16 Stunden 39 Minuten
📆 25.04.2021 um 13:17 Uhr
📈 31.01 Punkte

📌 Oracle FMW Platform 12.2.1.3.0/12.2.1.4.0 Common Components operation after expiration

🕛 1081 Tage, 14 Stunden 9 Minuten
📆 25.04.2021 um 15:00 Uhr
📈 31.01 Punkte

📌 CVE-2023-41094 | Silabs Ember ZNet TouchLink Packet operation after expiration

🕛 168 Tage, 12 Stunden 19 Minuten
📆 25.10.2023 um 19:35 Uhr
📈 31.01 Punkte

📌 CVE-2024-23332 | Notary Project Notation up to 1.0.1 operation after expiration (GHSA-57wx-m636-g3g8)

🕛 55 Tage, 11 Stunden 3 Minuten
📆 15.02.2024 um 19:19 Uhr
📈 31.01 Punkte

📌 CVE-2019-19480 | OpenSC up to 0.19.x/0.20.0-rc3 libopensc/pkcs15-prkey.c sc_pkcs15_decode_prkdf_entry operation after expiration

🕛 36 Tage, 15 Stunden 33 Minuten
📆 05.03.2024 um 14:17 Uhr
📈 31.01 Punkte

📌 CVE-2023-48220 | Decidim operation after expiration

🕛 33 Tage, 12 Stunden 34 Minuten
📆 08.03.2024 um 17:29 Uhr
📈 31.01 Punkte

📌 oVirt up to 3.5.0 restapi Session Session Token weak authentication

🕛 1598 Tage, 18 Stunden 9 Minuten
📆 25.11.2019 um 10:37 Uhr
📈 28.8 Punkte

📌 Atlassian Crowd up to 2.9.0 Session Identifier Session Token Collision weak authentication

🕛 1418 Tage, 22 Stunden 9 Minuten
📆 23.05.2020 um 06:54 Uhr
📈 28.8 Punkte

📌 CVE-2022-31689 | VMware Workspace ONE Assist up to 22.9 Session Token session fixiation (VMSA-2022-0028)

🕛 486 Tage, 17 Stunden 54 Minuten
📆 11.12.2022 um 11:36 Uhr
📈 28.8 Punkte

📌 [remote] Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack

🕛 370 Tage, 16 Stunden 59 Minuten
📆 06.04.2023 um 02:00 Uhr
📈 28.8 Punkte

🏠 Team IT Security News

📚 parse-server on npm Session Token operation on a resource after expiration

Sharing is caring on Social Media

Join the Team IT Security Community