Vulnerability	Vulnerable Version
L Observable Timing Discrepancy vantage6-server is a Vantage6 server Affected versions of this package are vulnerable to Observable Timing Discrepancy due to a discrepancy in response times during the login process. An attacker can infer the existence of valid usernames by observing the time it takes for the server to respond to login requests. How to fix Observable Timing Discrepancy? Upgrade `vantage6-server` to version 4.2.0 or higher.	[,4.2.0)
H Improperly Implemented Security Check for Standard vantage6-server is a Vantage6 server Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard when the `parent_id` is set. An attacker can execute non-whitelisted algorithms by modifying the server to set a fake `parent_id` and send a task. How to fix Improperly Implemented Security Check for Standard? Upgrade `vantage6-server` to version 4.1.2 or higher.	[,4.1.2)

Observable Timing Discrepancy

vantage6-server is a Vantage6 server

Affected versions of this package are vulnerable to Observable Timing Discrepancy due to a discrepancy in response times during the login process. An attacker can infer the existence of valid usernames by observing the time it takes for the server to respond to login requests.

How to fix Observable Timing Discrepancy?

Upgrade vantage6-server to version 4.2.0 or higher.

[,4.2.0)

Improperly Implemented Security Check for Standard

vantage6-server is a Vantage6 server

Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard when the parent_id is set. An attacker can execute non-whitelisted algorithms by modifying the server to set a fake parent_id and send a task.

How to fix Improperly Implemented Security Check for Standard?

Upgrade vantage6-server to version 4.1.2 or higher.

[,4.1.2)

Go back to all versions of this package