Skip to main content

Lemur

2 CVEs product

Monthly

CVE-2023-30797 PyPI HIGH PATCH This Week

Netflix Lemur before version 1.3.2 used insufficiently random values when generating default credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Lemur
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.8%
CVE-2015-7764 PyPI HIGH PATCH This Week

Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting AES in CBC mode. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Lemur
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Netflix Lemur before version 1.3.2 used insufficiently random values when generating default credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Lemur
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting AES in CBC mode. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Lemur
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy