Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2022-39228

vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is entered a number of times, the user account is blocked temporarily. This issue has been fixed in version 3.8.0.

Published: Mar 1, 2023
Updated: Nov 16, 2025
CVE: CVE-2022-39228
GHSA: GHSA-36gx-9q6h-g429
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWEs:

Affected Software
References

Software	From	Fixed in
vantage6 / vantage6	3.3.3	3.8.0
vantage6	-	3.8.0

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo