Panic or authentication bypass in github.com/ecnepsnai/web. Web Sockets do not execute AuthenticateMethod leading to nil pointer dereference or authentication bypass
Reporter | Title | Published | Views | Family All 10 |
---|---|---|---|---|
Veracode | Denial Of Service (DoS) | 28 Dec 202208:38 | – | veracode |
CVE | CVE-2021-4236 | 27 Dec 202222:15 | – | cve |
Github Security Blog | ecnepsnai/web vulnerable to Uncontrolled Resource Consumption | 28 Dec 202200:30 | – | github |
Prion | Authentication flaw | 27 Dec 202222:15 | – | prion |
NVD | CVE-2021-4236 | 27 Dec 202222:15 | – | nvd |
OSV | ecnepsnai/web vulnerable to Uncontrolled Resource Consumption | 28 Dec 202200:30 | – | osv |
OSV | CVE-2021-4236 | 27 Dec 202222:15 | – | osv |
OSV | Websocket requests did not call AuthenticateMethod | 23 Jun 202117:26 | – | osv |
OSV | Panic or authentication bypass in github.com/ecnepsnai/web | 28 Jul 202118:08 | – | osv |
OSV | GO-2022-0385 | 1 Jul 202220:11 | – | osv |
[
{
"vendor": "github.com/ecnepsnai/web",
"product": "github.com/ecnepsnai/web",
"collectionURL": "https://pkg.go.dev",
"packageName": "github.com/ecnepsnai/web",
"versions": [
{
"version": "1.4.0",
"lessThan": "1.5.2",
"status": "affected",
"versionType": "semver"
}
],
"programRoutines": [
{
"name": "Server.socketHandler"
},
{
"name": "Server.Socket"
}
],
"defaultStatus": "unaffected"
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo