7 matches found
EUVD-2026-10909
django-unicorn affected by component state manipulation via unvalidated attribute access...
CVE-2026-31815 django-unicorn affected by component state manipulation via unvalidated attribute access
Unicorn adds modern reactive component functionality to your Django templates. Prior to 0.67.0, component state manipulation is possible in django-unicorn due to missing access control checks during property updates and method calls. An attacker can bypass the intended ispublic protection to modi...
CVE-2026-31815
Unicorn adds modern reactive component functionality to your Django templates. Prior to 0.67.0, component state manipulation is possible in django-unicorn due to missing access control checks during property updates and method calls. An attacker can bypass the intended ispublic protection to modi...
PT-2026-24466
Name of the Vulnerable Software and Affected Versions Unicorn versions prior to 0.67.0 Description A flaw exists in django-unicorn that allows manipulation of component state due to insufficient access control checks when updating properties and calling methods. An attacker can bypass the intende...
Home Assistant Information Disclosure Vulnerability
Home Assistant is an open source home automation management system. The system is primarily used to control home automation devices. An information disclosure vulnerability exists in Home Assistant versions prior to 0.67.0, which can be exploited to read the application's error logs with the help...
CVE-2018-21019
Home Assistant pre-0.67.0 contains an information-disclosure vulnerability: an unauthenticated attacker can read the application’s error log via components/api.py. A fix is available in the 0.67.0 release and newer (per release and advisories). No exploitation details are provided beyond this in ...
[SECURITY] Fedora 29 Update: poppler-0.67.0-21.fc29
poppler is a PDF rendering library...