CVE-2019-20933 (influxdb)

Leave a reply

InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).

View Full Alert

Related Posts

  • CVE-2019-20933

    InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret). View Full Alert

  • CVE-2019-19935

    Froala Editor before 3.0.6 allows XSS. View Full Alert

  • CVE-2019-19455

    Wowza Streaming Engine through 2019-11-28 has Insecure Permissions. View Full Alert

Leave a Reply