Lucene search
K

24 matches found

CNNVD
CNNVD
added 2025/02/06 12:0 a.m.4 views

WhoDB 安全漏洞

WhoDB is a data browser from clidey open source. A security vulnerability exists in WhoDB 0.45.0 and earlier versions, which stems from not escaping or encoding user input, allowing an attacker to read local files via injected parameters such as &allowAllFiles=true...

8.6CVSS6.4AI score0.00543EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.4 views

WhoDB 安全漏洞

WhoDB is a data browser from clidey open source. A security vulnerability exists in WhoDB 0.45.0 and earlier versions, which stems from the lack of protection against path traversal, allowing an unauthenticated attacker to open any Sqlite3 database on the running host...

10CVSS6.7AI score0.02652EPSS
Exploits1References3
OSV
OSV
added 2024/12/20 8:36 p.m.8 views

GO-2024-3350 WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service in github.com/clidey/whodb/core

WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service in github.com/clidey/whodb/core...

7.1AI score
Exploits0References2
OSV
OSV
added 2024/12/19 3:22 p.m.10 views

GHSA-5PF6-CQ2V-23WW WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service

Summary A Denial of Service DoS vulnerability in the authentication middleware allows any client to cause memory exhaustion by sending large request bodies. The server reads the entire request body into memory without size limits, creating multiple copies during processing, which can lead to Out ...

7.5CVSS7.2AI score
Exploits0References3
Rows per page
Query Builder