CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35220 – @fastify/session reuses destroyed session cookie
https://notcve.org/view.php?id=CVE-2024-35220
@fastify/session is a session plugin for fastify. Requires the @fastify/cookie plugin. When restoring the cookie from the session store, the `expires` field is overriden if the `maxAge` field was set. This means a cookie is never correctly detected as expired and thus expired sessions are not destroyed. This vulnerability has been patched 10.8.0. @fastify/session es un complemento de sesión para fastify. • https://github.com/fastify/session/commit/0495ce5b534c4550f25228821db8098293439f2f https://github.com/fastify/session/issues/251 https://github.com/fastify/session/security/advisories/GHSA-pj27-2xvp-4qxg • CWE-613: Insufficient Session Expiration •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2045 – Session 1.17.5 - LFR via chat attachment
https://notcve.org/view.php?id=CVE-2024-2045
Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. This is possible because the application is vulnerable to Local File Read via chat attachments. La versión de sesión 1.17.5 permite obtener archivos de aplicaciones internas y archivos públicos del dispositivo del usuario sin el consentimiento del usuario. Esto es posible porque la aplicación es vulnerable a la lectura de archivos locales a través de archivos adjuntos del chat. • https://fluidattacks.com/advisories/newman https://github.com/oxen-io/session-android • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 2CVE-2022-1955
https://notcve.org/view.php?id=CVE-2022-1955
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation. Session versión 1.13.0, permite a un atacante con acceso físico al dispositivo de la víctima omitir el bloqueo de contraseña/pin de la aplicación para acceder a los datos del usuario. Esto es posible debido a una falta de controles de seguridad apropiados para evitar la manipulación del código dinámico • https://fluidattacks.com/advisories/tempest https://github.com/oxen-io/session-android https://github.com/oxen-io/session-android/pull/897 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2015-8566 – Joomla! 1.5 < 3.4.6 - Object Injection 'x-forwarded-for' Header Remote Code Execution
https://notcve.org/view.php?id=CVE-2015-8566
The Session package 1.x before 1.3.1 for Joomla! Framework allows remote attackers to execute arbitrary code via unspecified session values. El paquete Session 1.x en versiones anteriores a 1.3.1 para Joomla! Framework permite a atacantes remotos ejecutar código arbitrario a través de valores de sesión no especificados. • https://www.exploit-db.com/exploits/39033 http://www.securityfocus.com/bid/79197 https://developer.joomla.org/security-centre/637-20151205-session-remote-code-execution-vulnerability.html •