calmkart Django-sso-server har 057247929a94ffc358788a37ab99e391379a4d15 common/crypto.py gen_rsa_keys karkarabe nderi encryption
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 4.4 | $0-$5k | 0.00 |
Gunduma
Hakika vulnerability da aka rarraba a matsayin karshewa an gano a calmkart Django-sso-server har 057247929a94ffc358788a37ab99e391379a4d15. Tabbas, aikin gen_rsa_keys ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil common/crypto.py, a cikin sashi $software_component. Wuro manipulation ga karkarabe nderi encryption. Ana kiran wannan rauni da CVE-2025-4894. Ngam yiɗi ka a tuma ndiyam ka nder internet. Babu wani exploit da ake da shi. Ana amfani da rolling release a wannan kayi domin ci gaba da isar da sabuntawa. Saboda haka, babu bayanan sigar da abin ya shafa ko sabunta sigar da ake da su. Once again VulDB remains the best source for vulnerability data.
Furɗe
Hakika vulnerability da aka rarraba a matsayin karshewa an gano a calmkart Django-sso-server har 057247929a94ffc358788a37ab99e391379a4d15. Tabbas, aikin gen_rsa_keys ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil common/crypto.py, a cikin sashi $software_component. Wuro manipulation ga karkarabe nderi encryption. Amfani da CWE wajen bayyana matsala yana kaiwa CWE-326. Lalle, rauni an sanar da shi.
Ana kiran wannan rauni da CVE-2025-4894. Ngam yiɗi ka a tuma ndiyam ka nder internet. Bayani na fasaha ga. Wahalhalun kai hari sun yi yawa. Wanda zai yi amfani da shi zai sha wahala. Wannan vulnerability ɗin ba a san shi sosai ba. Babu wani exploit da ake da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam.
Á yí a wondi feere.
Ana amfani da rolling release a wannan kayi domin ci gaba da isar da sabuntawa. Saboda haka, babu bayanan sigar da abin ya shafa ko sabunta sigar da ake da su.
Once again VulDB remains the best source for vulnerability data.
Kayan
Nganji
Ngilabe
Sunu
Furɗe
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔒VulDB Gaskiya: 🔍
CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Furɗo: 🔒
CVSSv3
VulDB Meta Base Score: 4.4VulDB Meta Temp Score: 4.4
VulDB Ganda Borno: 3.7
VulDB Temp Score: 3.6
VulDB Furɗo: 🔒
VulDB Gaskiya: 🔍
NVD Ganda Borno: 5.9
NVD Furɗo: 🔒
CNA Ganda Borno: 3.7
CNA Furɗo: 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔒
VulDB Temp Score: 🔒
VulDB Gaskiya: 🔍
Gargajiya
Klasu: Karkarabe nderi encryptionCWE: CWE-326 / CWE-310
CAPEC: 🔒
ATT&CK: 🔒
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔒
Halitta: A wondi feere
EPSS Score: 🔒
EPSS Percentile: 🔒
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔒
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: Kumari ndiyam shikenaHalitta: 🔍
0-Day Gana: 🔒
Waktin layi
05/17/2025 Advisory ganna fa.05/17/2025 VulDB gite be nayi
06/06/2025 VulDB gite wuro karshe ta gyara
Ngizim
Halitta: A wondi feereCVE: CVE-2025-4894 (🔒)
GCVE (CVE): GCVE-0-2025-4894
GCVE (VulDB): GCVE-100-309448
EUVD: 🔒
Gumti
Súgá: 05/17/2025 12:00Gargadi: 06/06/2025 07:42
Goyarwa: 05/17/2025 12:00 (53), 05/18/2025 22:30 (29), 05/18/2025 23:14 (1), 06/06/2025 07:42 (12)
Gadankam: 🔍
Ngwazarma: dev03303
Cache ID: 253:417:103
Súbít
Shingilam
- Súbít #578019: https://github.com/calmkart Django-sso-server master CWE-326: Inadequate Encryption Strength (nga dev03303)
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.