10 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper policy enforcement. An attacker can gain unauthorized access or perform actions with insufficient authorization by exploiting cache key collisions that cause the reuse of cached results from...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper policy enforcement. An attacker can gain unauthorized access or perform actions with insufficient authorization by exploiting cache key collisions that cause the reuse of cached results from...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper policy enforcement. An attacker can gain unauthorized access or perform actions with insufficient authorization by exploiting cache key collisions that cause the reuse of cached results from...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper policy enforcement. An attacker can gain unauthorized access or perform actions with insufficient authorization by exploiting cache key collisions that cause the reuse of cached results from...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper policy enforcement. An attacker can gain unauthorized access or perform actions with insufficient authorization by exploiting cache key collisions that cause the reuse of cached results from...
CVE-2026-35039
fast-jwt provides fast JSON Web Token JWT implementation. From 0.0.1 to before 6.2.0, setting up a custom cacheKeyBuilder method which does not properly create unique keys for different tokens can lead to cache collisions. This could cause tokens to be mis-identified during the verification proce...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation. An attacker can gain unauthorized access to resources by sending specially crafted requests that result in cache key collisions, causing the system to reuse cached authorization results for different requests...
Improper Validation of Unsafe Equivalence in Input
Overview parse-dashboard is a The Parse Dashboard for Parse Server Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input in the ConfigKeyCache process. An attacker can obtain unauthorized access to sensitive master key information by exploiting cac...
PT-2026-7137
Name of the Vulnerable Software and Affected Versions Litestar versions prior to 2.20.0 Description Litestar is an Asynchronous Server Gateway Interface ASGI framework. When the FileStore is used as a response-cache backend, an unauthenticated remote attacker can trigger cache key collisions via...
Dovecot 2.4.0 < 2.4.2 Improper Access Control Vulnerability
Dovecot is prone to an improper access control vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dovecot:dovecot";...