25 matches found
CVE-2022-0508
Server-Side Request Forgery SSRF in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832...
EUVD-2022-15796
Malicious code in bioql PyPI...
EUVD-2022-1109
Malicious code in bioql PyPI...
PeerTube 安全漏洞
PeerTube is a decentralized video sharing service platform open-sourced by Chocobozzz. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from path traversal and could lead to the disclosure of arbitrary m3u8 files...
PeerTube 安全漏洞
PeerTube is a decentralized video sharing service platform open-sourced by Chocobozzz. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from a lack of permission validation, which could lead to the addition of playlists to other users' channels via th...
CVE-2022-0881 Insecure Storage of Sensitive Information in chocobozzz/peertube
Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1...
PeerTube 安全漏洞
PeerTube is a decentralized video sharing service platform. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from the insecure storage of sensitive information in the chocobozzz peertube...
CVE-2022-0727
Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0...
CVE-2022-0726
Missing Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0...
Improper access control
Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0...
CVE-2022-0727
CVE-2022-0727 affects chocobozzz/peertube (prior to version 4.1.0) with improper access control. The Red Hat/ENISA/CNVD/OSV/etc. entries and the Huntr PoC confirm the root cause: the app does not properly check video status when making data changes, enabling a user to rate private videos via API ...
CVE-2022-0727 Improper Access Control in chocobozzz/peertube
Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0...
CVE-2022-0727 Improper Access Control in chocobozzz/peertube
Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0...
CVE-2022-0726
CVE-2022-0726 concerns PeerTube versions prior to 4.1.0 with a missing/improper authorization issue in the chocobozzz/peertube repository. The connected documents specify that unauthenticated or insufficiently authorized actions allow attackers to interact with private videos by creating new comm...
CVE-2022-0726 Missing Authorization in chocobozzz/peertube
Missing Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0...
CVE-2022-0726 Missing Authorization in chocobozzz/peertube
Missing Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0...
Improper Authorization in chocobozzz/peertube
Description The app doesn't check the status of video when making data changes. Normal users can create new comment or reply comment in private videos. Proof of Concept note: I'm using instance p.lu for testing - Step 1: Login as video test1 and upload private video. Get video ID of private video...
CVE-2022-0508
Server-Side Request Forgery SSRF in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832...
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832...
CVE-2022-0508
PeerTube (chocobozzz/peertube) is affected by a Server-Side Request Forgery (SSRF) vulnerability described in CVE-2022-0508, stemming from insufficient verification of request origin for server-side requests prior to the commit f33e515991a32885622b217bf2ed1d1b0d9d6832. Connected sources (Red Hat,...