Vulnerabilities in CORDEA

2 results

CVE-2024-42475MEDIUMOAuth library for nim allows insecure generation of state values by generateState - entropy too low and uses regular PRNG instead of CSPRNGEPSS 0.2%CVE-2024-42476MEDIUMoauth CSRF vulnerabilityEPSS 0.2%