5.3
CVE-2022-45292
- EPSS 0.32%
- Veröffentlicht 09.12.2022 22:15:10
- Zuletzt bearbeitet 23.04.2025 14:15:26
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginUser invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.32% | 0.545 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
CWE-672 Operation on a Resource after Expiration or Release
The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.