Skip to main content

Aleksis

1 CVEs product

Monthly

CVE-2022-29773 PyPI MEDIUM PATCH This Month

An access control issue in aleksis/core/util/auth_helpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aleksis
NVD
CVSS 3.1
6.5
EPSS
0.7%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An access control issue in aleksis/core/util/auth_helpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aleksis
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy