4 matches found
CVE-2024-41962
Bostr is an nostr relay aggregator proxy that acts like a regular nostr relay. bostr let everyone in even having authorizedkeys being set when noscraper is set to true. This vulnerability is fixed in 3.0.10...
GHSA-5CF7-CXRF-MQ73 Bostr Improper Authorization vulnerability
Even with authorizedkeys is filled with allowed pubkeys, If noscraper is enabled, It will allow anyone to use bouncer even it's pubkey is not in authorizedkeys. Impact - Private bouncer Patches Available on version 3.0.10 Workarounds Disable noscraper if you have authorizedkeys being set in confi...
Bostr Improper Authorization vulnerability
Even with authorizedkeys is filled with allowed pubkeys, If noscraper is enabled, It will allow anyone to use bouncer even it's pubkey is not in authorizedkeys. Impact - Private bouncer Patches Available on version 3.0.10 Workarounds Disable noscraper if you have authorizedkeys being set in confi...
CVE-2024-41962
Bostr is an nostr relay aggregator proxy that acts like a regular nostr relay. bostr let everyone in even having authorizedkeys being set when noscraper is set to true. This vulnerability is fixed in 3.0.10...