Effect Monorepo 竞争条件问题漏洞

Effect Monorepo is a functional framework developed by Effect Open Source for building TypeScript applications. Versions of Effect Monorepo prior to 3.20.0 contained a race condition vulnerability, which was caused by context confusion in RpcServer.toWebHandler, potentially allowing access to the...

CVE-2026-30225

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, an authentication context confusion vulnerability in RestartAction allows a low‑privileged authenticated user to execute actions they are not permitted to run. RestartAction constructs a new...

CVE-2026-30225

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, an authentication context confusion vulnerability in RestartAction allows a low‑privileged authenticated user to execute actions they are not permitted to run. RestartAction constructs a new...

OliveTin 安全漏洞

OliveTin is an open-source web application developed by OliveTin. Versions of OliveTin prior to 3.00.11.1 contained security vulnerabilities. These vulnerabilities were caused by authentication context confusion in the RestartAction, which could allow low-privilege verified users to perform...

GHSA-P443-P7W5-2F7F OliveTin's RestartAction always runs actions as guest

Summary An authentication context confusion vulnerability in RestartAction allows a low‑privileged authenticated user to execute actions they are not permitted to run. RestartAction constructs a new internal connect.Request without preserving the original caller’s authentication headers or cookie...

GHSA-GWVQ-RGQF-993F python-keystoneclient vulnerable to context confusion in Keystone auth_token middleware

A context confusion vulnerability was identified in Keystone authtoken middleware shipped in python-keystoneclient before 0.7.0. By doing repeated requests, with sufficient load on the target system, an authenticated user may in certain situations assume another authenticated user's complete...

python-keystoneclient vulnerable to context confusion in Keystone auth_token middleware

A context confusion vulnerability was identified in Keystone authtoken middleware shipped in python-keystoneclient before 0.7.0. By doing repeated requests, with sufficient load on the target system, an authenticated user may in certain situations assume another authenticated user's complete...