VYPR

RubyGems package

pwpush

pkg:gem/pwpush

Vulnerabilities (2)

  • CVE-2024-56733MedDec 30, 2024
    affected <= 1.50.3

    Password Pusher is an open source application to communicate sensitive information over the web. A vulnerability has been reported in versions 1.50.3 and prior where an attacker can copy the session cookie before a user logs out, potentially allowing session hijacking. Although t

  • CVE-2024-52796MedNov 20, 2024
    affected < 1.49.0fixed 1.49.0

    Password Pusher, an open source application to communicate sensitive information over the web, comes with a configurable rate limiter. In versions prior to v1.49.0, the rate limiter could be bypassed by forging proxy headers allowing bad actors to send unlimited traffic to the s