Fedmsg
1 CVEs
product
Monthly
FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Information Disclosure
Fedmsg
NVD
GitHub
CVSS 3.0
7.5
EPSS
0.6%
CVE-2017-1000001
PyPI
EPSS 1%
CVSS 7.5
HIGH
PATCH
This Week
FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Information Disclosure
Fedmsg
NVD
GitHub