9 matches found
CVE-2025-65112
PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload packages as any user by providing arbitrary author-id values. This enables identity spoofing, privilege escalation, and supply chain...
CVE-2025-65112
PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload packages as any user by providing arbitrary author-id values. This enables identity spoofing, privilege escalation, and supply chain...
CVE-2025-65112 PubNet Critical Authentication Bypass Allows Unauthenticated Package Upload and Identity Spoofing
PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload packages as any user by providing arbitrary author-id values. This enables identity spoofing, privilege escalation, and supply chain...
CVE-2025-65112 PubNet Critical Authentication Bypass Allows Unauthenticated Package Upload and Identity Spoofing
PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload packages as any user by providing arbitrary author-id values. This enables identity spoofing, privilege escalation, and supply chain...
EUVD-2025-199884
PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload packages as any user by providing arbitrary author-id values. This enables identity spoofing, privilege escalation, and supply chain...
CVE-2025-65112 PubNet Critical Authentication Bypass Allows Unauthenticated Package Upload and Identity Spoofing
PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload packages as any user by providing arbitrary author-id values. This enables identity spoofing, privilege escalation, and supply chain...
CVE-2025-65112
PubNet is a self-hosted Dart/Flutter package service. CVE-2025-65112 concerns the /api/storage/upload endpoint, which prior to version 1.1.3 allowed unauthenticated users to upload packages using arbitrary author-id values, enabling identity spoofing and privilege escalation. Public advisories fr...
PubNet 安全漏洞
PubNet is a self-hosted package repository for the individual developer Ricardo Boss. A security vulnerability exists in PubNet versions prior to 1.1.3, which stems from an unauthenticated /api/storage/upload endpoint that could lead to identity spoofing and elevation of privilege...
PT-2025-48350
Name of the Vulnerable Software and Affected Versions PubNet versions prior to 1.1.3 Description PubNet is a self-hosted Dart & Flutter package service. The /api/storage/upload endpoint allows unauthenticated users to upload packages as any user by providing arbitrary author-id values. This enabl...