3 matches found
CVE-2025-59833 FlagForgeCTF Hint Exposure via API
Flag Forge is a Capture The Flag CTF platform. In versions from 2.1.0 to before 2.3.0, the API endpoint GET /api/problems/:id returns challenge hints in plaintext within the question object, regardless of whether the user has unlocked them via point deduction. Users can view all hints for free,...
PT-2025-39352
Name of the Vulnerable Software and Affected Versions Flag Forge versions 2.1.0 through 2.2.9 Description Flag Forge is a Capture The Flag CTF platform. The API endpoint GET /api/problems/:id returns challenge hints in plaintext within the question object, regardless of whether the user has...
DEBIAN-CVE-2023-43641
libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to /Downloads, it ...