Sorcery
1 CVEs
product
Monthly
In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Information Disclosure
Sorcery
NVD
GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-11052
Ruby
EPSS 2%
CVSS 9.8
CRITICAL
PATCH
Act Now
In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Information Disclosure
Sorcery
NVD
GitHub