Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 17 Feb 2016 18:53:57 +0100
From: Manuel Mancera <sinkmanu@...il.com>
To: oss-security@...ts.openwall.com
Cc: security@...ian.org
Subject: CVE Request: graphite-web: open redirect

Hello,

I found and reported an open redirect vulnerability in graphite-web. 
Through this vulnerability an attacker could redirect to a legitimate user to a malicious website. 

https://github.com/graphite-project/graphite-web/issues/1441
<https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/>

Can you assign a CVE for this issue?


Regards,

Manuel Mancera


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ