Skip to main content

Pow

2 CVEs product

Monthly

CVE-2023-42446 MEDIUM POC This Month

Pow is a authentication and user management solution for Phoenix and Plug-based apps. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pow
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-5205 MEDIUM PATCH This Month

In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Redis Session Fixation Information Disclosure Pow
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Pow is a authentication and user management solution for Phoenix and Plug-based apps. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pow
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Redis Session Fixation Information Disclosure +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy