Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 17 Feb 2016 19:13:14 +0100
From: Manuel Mancera <sinkmanu@...il.com>
To: oss-security@...ts.openwall.com
Cc: security@...ian.org
Subject: Re: CVE Request: graphite-web: open redirect

Sorry, the email was sent with HTML format and with a wrong link, the
link with the vulnerability is:
https://github.com/graphite-project/graphite-web/issues/1441


Regards,

On 17/02/16 18:55, Manuel Mancera wrote:
> Hello,
>
> I found and reported an open redirect vulnerability in graphite-web. 
> Through this vulnerability an attacker could redirect to a legitimate user to a malicious website. 
>
> https://github.com/graphite-project/graphite-web/issues/1441
> <https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/>
>
> Can you assign a CVE for this issue?
>
>
> Regards,
>
> Manuel Mancera


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ