7 matches found
EUVD-2021-30702
Malicious code in bioql PyPI...
SUSE CVE-2021-43820
Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether th...
CVE-2021-43820
Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether th...
CVE-2021-43820
Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether th...
CVE-2021-43820
Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether th...
Design/Logic Flaw
Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether th...
CVE-2021-43820
The CVE-2021-43820 entries describe a permissions-check bypass in Seafile: the in-memory sync token cache does not verify library association in the request URL, allowing a token to access data from any known library if the attacker discovers a library ID. Affected product: Seafile (Seaf-server t...