4 matches found
SUSE CVE-2026-28789
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin's OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...
GO-2026-4586 OliveTin has unauthenticated DoS via concurrent map writes in OAuth2 state handling in github.com/OliveTin/OliveTin
OliveTin has unauthenticated DoS via concurrent map writes in OAuth2 state handling in github.com/OliveTin/OliveTin. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...
CVE-2026-28789
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...
PT-2026-23499
Name of the Vulnerable Software and Affected Versions OliveTin versions prior to 3000.10.3 Description OliveTin is susceptible to a denial-of-service condition stemming from an unsynchronized access issue within its OAuth2 login flow. Concurrent requests to the /oauth/login API endpoint can trigg...