32 matches found
OliveTin Vulnerable to Unauthorized Action Output Disclosure via EventStream
Summary OliveTin’s live EventStream broadcasts execution events and action output to authenticated dashboard subscribers without enforcing per-action authorization. A low-privileged authenticated user can receive output from actions they are not allowed to view, resulting in broken access control...
CVE-2026-32102
OliveTin's 3000.10.2 and earlier versions expose action output via the live EventStream to authenticated dashboard subscribers without per-action authorization, enabling a low-privileged user to view restricted outputs. Affected component: EventStream/broadcast of execution events and action outp...
CVE-2026-32102 OliveTin Unauthorized Action Output Disclosure via EventStream
OliveTin gives access to predefined shell commands from a web interface. In 3000.10.2 and earlier, OliveTin’s live EventStream broadcasts execution events and action output to authenticated dashboard subscribers without enforcing per-action authorization. A low-privileged authenticated user can...
CVE-2026-32102 OliveTin Unauthorized Action Output Disclosure via EventStream
OliveTin gives access to predefined shell commands from a web interface. In 3000.10.2 and earlier, OliveTin’s live EventStream broadcasts execution events and action output to authenticated dashboard subscribers without enforcing per-action authorization. A low-privileged authenticated user can...
Malicious code in eventstream-serde-config-resolver (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9605 Malicious code in eventstream-serde-universal (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in eventstream-serde-universal (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9604 Malicious code in eventstream-serde-config-resolver (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in eventstream-serde-browser (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9603 Malicious code in eventstream-serde-browser (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in eventstream-codec (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9602 Malicious code in eventstream-codec (npm)
--- -= Per source details. Do not edit below this line.=-...