Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cosmos userbase checking vulnerability
Vulnerability Description
Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. By monitoring the error code returned in the login, it is possible to figure out whether a user exist or not in the database. Patched in 0.17.7.
CVSS Information
N/A
Vulnerability Type
响应差异性信息暴露
Vulnerability Title
Cosmos 安全漏洞
Vulnerability Description
Cosmos是Yann Stepienik个人开发者的一个自行托管家庭服务器的方法。旨在解决日益令人担忧的易受攻击的自托管应用程序和个人服务器的问题。 Cosmos 0.17.7之前版本存在安全漏洞。攻击者利用该漏洞可以通过监视登录时返回的错误代码,确定数据库中是否存在用户。
CVSS Information
N/A
Vulnerability Type
N/A