Home > Vulnerability Database > WS-2020-0164

Mend.io Vulnerability Database

WS-2020-0164

Good to know:

Date: September 12, 2020

personnummer is vulnerable to validation bypass. In Python, CSharp, PHP all versions before 3.0.2. In D, Go, Lua, Ruby, Scala all versions before 3.0.1. In Dart before 3.0.3. In Elixir, Perl, Rust before 3.0.0. In Java before 3.3.0. In JavaScript before 3.1.0. In Kotlin before 1.1.0. In Swift before 1.0.1.

Language: Python

Severity Score

3.7

Related Resources (2)

Url: https://github.com/personnummer/python/commit/27265f898f30780f954b52d56917a25fa64ca6cd

Url: https://www.mend.io/vulnerability-database/WS-2020-0164

Severity Score

3.7

Weakness Type (CWE)

Authentication Bypass Using an Alternate Path or Channel

CWE-288

Top Fix

Upgrade Version

Upgrade to version personnummer - Swift: 1.0.1; Kotlin: 1.1.0; Elixir, Perl, Rust: 3.0.0; D, Go, Lua, Ruby, Scala: 3.0.1; Dart: 3.0.3; Python, CSharp, PHP: 3.0.2; JavaScript: 3.1.0; Java: 3.3.

Learn More

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

WS-2020-0164

Good to know:

Date: September 12, 2020

Language: Python

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?