Lucene search

4 matches found

Vulnrichment
added 2024/07/01 9:33 p.m., 14 views

CVE-2024-39314 toy-blog administrative token leaked through the command line parameter

toy-blog is a headless content management system implementation. Starting in version 0.4.3 and prior to version 0.5.0, the administrative password was leaked through the command line parameter. The problem was patched in version 0.5.0. As a workaround, pass --read-bearer-token-from-stdin to the...

CVSS 4.7, AI score 7.2, EPSS 0.00091
Exploits: 0, References: 2

Cvelist
added 2024/07/01 9:33 p.m., 19 views

CVE-2024-39314 toy-blog administrative token leaked through the command line parameter

toy-blog is a headless content management system implementation. Starting in version 0.4.3 and prior to version 0.5.0, the administrative password was leaked through the command line parameter. The problem was patched in version 0.5.0. As a workaround, pass --read-bearer-token-from-stdin to the...

CVSS 4.7, EPSS 0.00091
Exploits: 0, References: 2

CVE
added 2024/07/01 9:33 p.m., 46 views

CVE-2024-39314

The CVE-2024-39314 issue affects toy-blog versions 0.4.3 to before 0.5.0, where the administrative password was leaked via a command line parameter (root cause: command line exposure). A fix is available in version 0.5.0. As a workaround, versions 0.4.14 and later can pass the bearer token via st...

CVSS 4.7, AI score 5, EPSS 0.00091
Exploits: 0, References: 2

OSV
added 2005/09/02 11:3 p.m., 1 view

DEBIAN-CVE-2005-2772

Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as...

CVSS 7.5, AI score 7.8, EPSS 0.33134
Exploits: 1, References: 1