PT-2022-24981 · Drogon · Drogon
Itrofimow · Published 2022-11-11 · Updated 2022-11-16 · CVE-2022-3959
CVSS v3.1: 5.3 (Medium)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
drogon versions up to 1.8.1
Description
An issue has been found in the Session Hash Handler component of drogon. It can be exploited remotely and leads to a small space of random values. The estimated number of potentially affected devices is not specified.
Recommendations
For drogon versions up to 1.8.1, upgrade to version 1.8.2 to address this issue.
Fix
Use of Insufficiently Random Values
Affected Products
Drogon