Description
User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted.
Published: 2022-12-09
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2022-48192 User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted.
History

Wed, 23 Apr 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Funkwhale Funkwhale
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-04-23T14:01:25.725Z

Reserved: 2022-11-14T00:00:00.000Z

Link: CVE-2022-45292

cve-icon Vulnrichment

Updated: 2024-08-03T14:09:56.846Z

cve-icon NVD

Status : Modified

Published: 2022-12-09T22:15:10.690

Modified: 2025-04-23T14:15:26.453

Link: CVE-2022-45292

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses