CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32551 – Landscape Open Redirect
https://notcve.org/view.php?id=CVE-2023-32551
Landscape allowed URLs which caused open redirection. • https://bugs.launchpad.net/landscape/+bug/1929620 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32550 – Landscape's Apache server-status is accessible by default
https://notcve.org/view.php?id=CVE-2023-32550
Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API. • https://bugs.launchpad.net/landscape/+bug/1929037 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32549 – Landscape insecure token generation
https://notcve.org/view.php?id=CVE-2023-32549
Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator. • https://bugs.launchpad.net/landscape/+bug/1929034 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •