VYPR

Maven package

org.apache.streampipes/streampipes-resource-management

pkg:maven/org.apache.streampipes/streampipes-resource-management

Vulnerabilities (1)

  • CVE-2024-29868Jun 24, 2024
    affected >= 0.69.0, < 0.95.0fixed 0.95.0

    Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Apache StreamPipes user self-registration and password recovery mechanism. This allows an attacker to guess the recovery token in a reasonable time and thereby to take over the attacked user's ac