← Back

Andrew's Web Libraries

andrew's_web_libraries

Vendor: Davical • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-11729
2Davical
Debian
2Andrew's Web Libraries
Debian Linux
Jun 17, 2026
Apr 15, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be...Show more
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful.Show less
CVE-2020-11728
2Davical
Debian
2Andrew's Web Libraries
Debian Linux
Jun 17, 2026
Apr 15, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing sess...Show more
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing session_id) can impersonate a session.Show less