We found results for “”
WS-2020-0164
Good to know:
Date: September 12, 2020
personnummer is vulnerable to validation bypass. In Python, CSharp, PHP all versions before 3.0.2. In D, Go, Lua, Ruby, Scala all versions before 3.0.1. In Dart before 3.0.3. In Elixir, Perl, Rust before 3.0.0. In Java before 3.3.0. In JavaScript before 3.1.0. In Kotlin before 1.1.0. In Swift before 1.0.1.
Language: Python
Severity Score
Severity Score
Weakness Type (CWE)
Authentication Bypass Using an Alternate Path or Channel
CWE-288Top Fix
Upgrade Version
Upgrade to version personnummer - Swift: 1.0.1; Kotlin: 1.1.0; Elixir, Perl, Rust: 3.0.0; D, Go, Lua, Ruby, Scala: 3.0.1; Dart: 3.0.3; Python, CSharp, PHP: 3.0.2; JavaScript: 3.1.0; Java: 3.3.
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | LOW |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |