Résumé
CoreWCF: SAML token replay protection is inoperative
Références
Vulnérabilités liées
Tout Supply chain →- MEDIUMGHSA-7HW8-6Q6R-4276
Langflow: Logout button does not clear session
- MEDIUMGHSA-C7JM-38GQ-H67H
http4k: `ServerFilters.DigestAuth` / `DigestAuthProvider` defaulted to an always-true nonce verifier, disabling replay protection in default deployments
- HIGHGHSA-GQV6-PWCG-87R8
CoreWCF: XML Signature Wrapping in WS-Security endorsing/supporting signature verification allows replay of captured signed messages
- HIGHGHSA-869J-R97X-HX2G
Anki's local HTTP server does not sufficiently validate requests
- MEDIUMGHSA-JV2J-MQMW-XVV5
SurrealDB: Denial of Service via deep operator chains
- MEDIUMGHSA-HV6H-HC26-Q48P
SurrealDB: Field-level SELECT permissions bypassed via graph and reference traversals