Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Pylons horus services.py timing discrepancy
Vulnerability Description
A vulnerability was found in Pylons horus and classified as problematic. Affected by this issue is some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitation is known to be difficult. The patch is identified as fd56ccb62ce3cbdab0484fe4f9c25c4eda6c57ec. It is recommended to apply a patch to fix this issue. VDB-217598 is the identifier assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过时间差异性导致的信息暴露
Vulnerability Title
horus 安全漏洞
Vulnerability Description
horus是Pylons Project开源的一个 Pyramid Web 框架的用户注册和登录系统。 Pylons horus存在安全漏洞。攻击者利用该漏洞导致可观察到的时间存在差异。
CVSS Information
N/A
Vulnerability Type
N/A