Lucene search
GoogleOSV:GO-2024-2936HistoryJul 01, 2024 - 7:59 p.m.
PocketBase performs password auth and OAuth2 unverified email linking in github.com/pocketbase/pocketbase
2024-07-0119:59:12
Google
osv.dev
1
pocketbase
password authentication
oauth2
unverified email linking
github
security document
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
7 High
AI Score
Confidence
Low
PocketBase performs password auth and OAuth2 unverified email linking in github.com/pocketbase/pocketbase
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/pocketbase/pocketbase | lt | 0.22.14 |
Related
cvelist
cvelist
CVE-2024-38351 Password auth and OAuth2 unverified email linking
2024-06-18 17:00:38
veracode
veracode
Improper Authentication
2024-06-19 07:03:09
github
github
PocketBase performs password auth and OAuth2 unverified email linking
2024-06-18 20:29:33
cve
cve
CVE-2024-38351
2024-06-18 17:15:52
osv
osv
PocketBase performs password auth and OAuth2 unverified email linking
2024-06-18 20:29:33
nvd
nvd
CVE-2024-38351
2024-06-18 17:15:52
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
7 High
AI Score
Confidence
Low
Related for OSV:GO-2024-2936