Lucene search
GoogleOSV:GHSA-6PJ2-5FQQ-XVJCHistoryJan 06, 2022 - 8:56 p.m.
Incorrect Authorization in latte/latte
2022-01-0620:56:27
Google
osv.dev
6
0.003 Low
EPSS
Percentile
71.0%
This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the application. When the template is set to allow/disallow the use of certain functions, adding control characters (x00-x08) after the function will bypass these restrictions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| latte/latte | eq | 2.5.2 | |
| latte/latte | eq | 2.2.9 | |
| latte/latte | eq | 2.2.2 | |
| latte/latte | eq | 2.8.4 | |
| latte/latte | eq | 2.3.2 | |
| latte/latte | eq | 2.4.3 | |
| latte/latte | eq | 2.4.7 | |
| latte/latte | eq | 2.10.2 | |
| latte/latte | eq | 2.2.4 | |
| latte/latte | eq | 2.4.2 |
Related
cve
cve
CVE-2021-23803
2021-12-17 20:15:08
debiancve
debiancve
CVE-2021-23803
2021-12-17 20:15:00
osv
osv
CVE-2021-23803
2021-12-17 20:15:08
prion
prion
Authentication flaw
2021-12-17 20:15:00
nvd
nvd
CVE-2021-23803
2021-12-17 20:15:08
github
github
Incorrect Authorization in latte/latte
2022-01-06 20:56:27
ubuntucve
ubuntucve
CVE-2021-23803
2021-12-17 00:00:00
cvelist
cvelist
CVE-2021-23803 Access Control Bypass
2021-12-17 00:00:00