Moderate severityNVD Advisory· Published Apr 10, 2023· Updated Feb 11, 2025
CVE-2023-25392
CVE-2023-25392
Description
Allegro Tech BigFlow <1.6 is vulnerable to Missing SSL Certificate Validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
bigflowPyPI | < 1.6.0 | 1.6.0 |
Affected products
2- Allegro Tech/BigFlowdescription
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-w6q2-48ch-fj26ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-25392ghsaADVISORY
- github.com/allegro/bigflow/commit/4ce197ff99bd38693dea59ab5e9b781fbcef4276ghsaWEB
- github.com/allegro/bigflow/commit/7e956661f76907594e8c82e8fb0af76dbea2a0fcghsaWEB
- github.com/allegro/bigflow/pull/357ghsaWEB
- lutrasecurity.com/en/articles/cve-2023-25392ghsaWEB
- lutrasecurity.com/en/articles/cve-2023-25392/mitre
News mentions
0No linked articles in our index yet.