GHSA-f27p-cmv8-xhm6: fetch: Authorization headers not dropped when redirecting cross-origin

GHSA-2p95-8xvm-2pjx: REDAXO CMS Cross-site Scripting vulnerability

GHSA-m78c-qx99-mvw9: Grav Cross-site Scripting vulnerability

GHSA-237r-r8m4-4q88: Guzzle OAuth Subscriber has insufficient nonce entropy

GHSA-v6jv-p6r8-j78w: NiceGUI On Air authentication issue

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications.

**PyPinkSign uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption**

Moderate severity GitHub Reviewed Published Nov 16, 2023 to the GitHub Advisory Database • Updated Nov 17, 2023

Headline

GHSA-fxff-wxxv-c2jc: PyPinkSign uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption

Related news

ghsa: Latest News