Vulnerability Description
A vulnerability was found in Pylons horus and classified as problematic. Affected by this issue is some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitation is known to be difficult. The patch is identified as fd56ccb62ce3cbdab0484fe4f9c25c4eda6c57ec. It is recommended to apply a patch to fix this issue. VDB-217598 is the identifier assigned to this vulnerability.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pylonsproject | Horus | < 2014-05-07 |
Related Weaknesses (CWE)
References
- https://github.com/Pylons/horus/commit/fd56ccb62ce3cbdab0484fe4f9c25c4eda6c57ecPatchThird Party Advisory
- https://vuldb.com/?ctiid.217598Third Party AdvisoryVDB Entry
- https://vuldb.com/?id.217598Third Party AdvisoryVDB Entry
- https://github.com/Pylons/horus/commit/fd56ccb62ce3cbdab0484fe4f9c25c4eda6c57ecPatchThird Party Advisory
- https://vuldb.com/?ctiid.217598Third Party AdvisoryVDB Entry
- https://vuldb.com/?id.217598Third Party AdvisoryVDB Entry
FAQ
What is CVE-2014-125056?
CVE-2014-125056 is a vulnerability with a CVSS score of 2.6 (LOW). A vulnerability was found in Pylons horus and classified as problematic. Affected by this issue is some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to obser...
How severe is CVE-2014-125056?
CVE-2014-125056 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-125056?
Check the references section above for vendor advisories and patch information. Affected products include: Pylonsproject Horus.