4 matches found
CVE-2026-30225
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, an authentication context confusion vulnerability in RestartAction allows a low‑privileged authenticated user to execute actions they are not permitted to run. RestartAction constructs a new...
CVE-2024-10082
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication method confusion allows logging in as the built-in root user from an external service. The built-in root user up until 6.24.1 is generated in a weak manner, cannot...
PYSEC-2024-183
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication method confusion allows logging in as the built-in root user from an external service. The built-in root user up until 6.24.1 is generated in a weak manner, cannot...
CVE-2024-10082
Summary (CVE-2024-10082) CodeChecker (Clang Static Analyzer/Tidy tooling) up to version 6.24.1 contains an authentication flaw: an auto-generated built-in root user with superuser permissions that cannot be disabled. An attacker who can create an account on an enabled external authentication serv...