8 matches found
CVE-2024-35184
Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...
CVE-2024-35184
Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...
CVE-2024-35184 paperless-ngx's remote user auth via header works even when disabling it for API
Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...
CVE-2024-35184 paperless-ngx's remote user auth via header works even when disabling it for API
Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...
CVE-2024-35184 paperless-ngx's remote user auth via header works even when disabling it for API
Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...
CVE-2024-35184
CVE-2024-35184 affects Paperless-ngx before 2.8.6. Evidence from PT-2024-26365 and ongoing CVE records shows that versions 2.5.0 through 2.8.5 expose remote API access via authentication that can be used even when API access is disabled. The root cause per the advisory is improper enforcement of ...
Paperless-ngx 安全漏洞
Paperless-ngx is a document management system from paperless-ngx open source. A security vulnerability exists in Paperless-ngx versions 2.5.0 through 2.8.6, which stems from remote user authentication allowing API access even when API access is explicitly disabled...
PT-2024-26365 · Unknown · Paperless-Ngx
Name of the Vulnerable Software and Affected Versions: Paperless-ngx versions 2.5.0 through 2.8.5 Description: The issue concerns remote user authentication in a document management system, allowing API access even when API access is explicitly disabled. Recommendations: For versions 2.5.0 throug...