We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
检测到 opendev2020/training 一共引入了86个开源组件,存在71个漏洞
漏洞标题:kaptcha 安全漏洞 缺陷组件:com.github.penggle:[email protected] 漏洞编号:CVE-2018-18531 漏洞描述:kaptcha是一款基于SimpleCaptcha的验证码生成工具。 kaptcha 2.3.2版本中的多个文件存在安全漏洞,该漏洞源于程序使用‘Random’函数(而不是‘SecureRandom’函数)创建CAPTCHA值。远程攻击者可借助暴力破解的方法利用该漏洞绕过访问限制。(多个文件包括:text/impl/DefaultTextCreator.java、text/impl/ChineseTextProducer.java和text/impl/FiveLetterFirstNameTextCreator.java) 国家漏洞库信息:https://www.cnvd.org.cn/flaw/show/CNVD-2018-21509 影响范围:[0, ∞) 最小修复版本: 缺陷组件引入路径:cn.edu.cust:[email protected]>com.github.penggle:[email protected]
另外还有71个漏洞,详细报告:https://mofeisec.com/jr?p=a052c9
The text was updated successfully, but these errors were encountered:
No branches or pull requests
检测到 opendev2020/training 一共引入了86个开源组件,存在71个漏洞
另外还有71个漏洞,详细报告:https://mofeisec.com/jr?p=a052c9
The text was updated successfully, but these errors were encountered: