5 matches found
Buffer Overflow
Overview: Affected versions of this package are vulnerable to Buffer Overflow in the PathSwitchRequest process. An attacker can cause memory corruption by sending specially crafted requests remotely to the affected component. Remediation: Upgrade github.com/omec-project/amf/util to version 2.2.0 or...
Buffer Overflow
Overview: Affected versions of this package are vulnerable to Buffer Overflow in the NGSetupRequest process. An attacker can cause memory corruption and potentially compromise confidentiality, integrity, and availability by sending specially crafted requests remotely. Remediation: Upgrade...
Reliance on Untrusted Inputs in a Security Decision
Overview: Affected versions of this package are vulnerable to Reliance on Untrusted Inputs in a Security Decision through spoofed headers in the Rate-Limit process. An attacker can circumvent request throttling by manipulating HTTP headers to appear as different users or clients, potentially...
Authorization Bypass Through User-Controlled Key
Overview: Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the task comments process. An attacker can access unauthorized comment data by manipulating identifiers in API requests. Remediation: Upgrade code.vikunja.io/api/pkg/models to version...
Missing Authorization
Overview: Affected versions of this package are vulnerable to Missing Authorization due to insufficient enforcement of account disablement in the api process. An attacker can regain access to a previously disabled account by bypassing administrator-imposed restrictions. Remediation: Upgrade...