Lucene search
K

5 matches found

EUVD
EUVD
added 2026/06/24 5:38 p.m.7 views

EUVD-2026-36906

OliveTin has a Concurrent Template Parsing Race Condition which Leads to Cross-Request Command Contamination...

7.5CVSS5.8AI score0.00401EPSS
Exploits0References4
NVD
NVD
added 2026/06/15 9:17 p.m.9 views

CVE-2026-48708

OliveTin gives access to predefined shell commands from a web interface. In versions 3000.0.0 and prior, the template engine uses a single shared text/template.Template instance tpl package-level variable in service/internal/tpl/templates.go across all goroutines. Every action execution calls...

7.5CVSS0.00401EPSS
Exploits0References3
CVE
CVE
added 2026/06/15 7:59 p.m.15 views

CVE-2026-48708

OliveTin is affected by a race condition in the template engine. In versions up to 3000.0.0, a single shared text/template.Template instance (tpl) is used across all goroutines, and actions perform tpl.Parse(source) followed by t.Execute() without synchronization. Under concurrent ExecRequests, t...

7.5CVSS5.8AI score0.00401EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49471

Name of the Vulnerable Software and Affected Versions OliveTin versions prior to 3000.13.0 Description The template engine utilizes a single shared text/template.Template instance, specifically the tpl package-level variable in service/internal/tpl/templates.go, across all goroutines. Each action...

7.5CVSS6AI score0.00401EPSS
Exploits0References9
Spring Security Advisories
Spring Security Advisories
added 2024/03/15 12:0 a.m.14 views

Hypermedia and Browser Enhancement

Front end development these days is dominated by large JavaScript client side frameworks. There are plenty of good reasons for that, but it can be very inefficient for many use cases, and the framework engineering has become extremely complex. In this article, I want to explore a different...

6.9AI score
Exploits0
Rows per page
Query Builder