Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-41256

July 31, 2024, 9:15 p.m.

Tags

cve@mitre.org
2024-07-31
CVE-2024-41256

Product(s) Impacted

filestash

  • 0.4

Description

Default configurations in the ShareProofVerifier function of filestash v0.4 causes the application to skip the TLS certificate verification process when sending out email verification codes, possibly allowing attackers to access sensitive data via a man-in-the-middle attack.

Weaknesses

Date

Published: July 31, 2024, 9:15 p.m.

Last Modified: July 31, 2024, 9:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://gist.github.com/ cve@mitre.org