24 matches found
WhoDB 安全漏洞
WhoDB is a data browser from clidey open source. A security vulnerability exists in WhoDB 0.45.0 and earlier versions, which stems from not escaping or encoding user input, allowing an attacker to read local files via injected parameters such as &allowAllFiles=true...
WhoDB 安全漏洞
WhoDB is a data browser from clidey open source. A security vulnerability exists in WhoDB 0.45.0 and earlier versions, which stems from the lack of protection against path traversal, allowing an unauthenticated attacker to open any Sqlite3 database on the running host...
GO-2024-3350 WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service in github.com/clidey/whodb/core
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service in github.com/clidey/whodb/core...
GHSA-5PF6-CQ2V-23WW WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service
Summary A Denial of Service DoS vulnerability in the authentication middleware allows any client to cause memory exhaustion by sending large request bodies. The server reads the entire request body into memory without size limits, creating multiple copies during processing, which can lead to Out ...