2 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the HTTP Filestore API endpoints. An attacker can access files from other organizations without explicit permissions by issuing a single authenticated HTTP GET request while holding only minimal read privileg...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the VQLResponse result-set writer. An attacker can cause the server to exhaust available memory and crash by sending specially crafted messages through the standard client...