4 matches found
GO-2026-5552 OliveTin has Unvalidated `ot_`-prefixed Arguments that Bypass Input Filtering in github.com/OliveTin/OliveTin
OliveTin has Unvalidated ot-prefixed Arguments that Bypass Input Filtering in github.com/OliveTin/OliveTin...
GO-2026-4670 OliveTin's unsafe parsing of UniqueTrackingId can be used to write files in github.com/OliveTin/OliveTin
OliveTin's unsafe parsing of UniqueTrackingId can be used to write files in github.com/OliveTin/OliveTin...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration through improper handling of the Logout. An attacker can maintain unauthorized access by replaying a previously captured session cookie after a user logs out. Remediation Upgrade...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the PasswordHash API endpoint. An attacker can exhaust server memory and cause service disruption by sending multiple concurrent requests to trigger excessive memory allocation...