8 matches found
NocoDB: OAuth Tokens Persist Through Security Events
Summary OAuth access and refresh tokens were not revoked when the user changed, reset, or recovered their password, leaving an attacker-issued OAuth grant valid after the user believed they had locked the attacker out. Details revokeAllOAuthTokensByUser in the users service was an empty stub bein...
PT-2026-49060
Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description OAuth access and refresh tokens are not revoked when a user changes, resets, or recovers their password. This occurs because the revokeAllOAuthTokensByUser function in the users service was an emp...
NocoDB's Refresh Tokens Not Revoked on Password Reset
Summary The password reset flow did not revoke existing refresh tokens, allowing an attacker with a previously stolen refresh token to continue minting valid JWTs after the victim resets their password. Details passwordReset in users.service.ts updated tokenversion invalidating JWTs but did not...
GHSA-X4VH-J75G-268G NocoDB's Refresh Tokens Not Revoked on Password Reset
Summary The password reset flow did not revoke existing refresh tokens, allowing an attacker with a previously stolen refresh token to continue minting valid JWTs after the victim resets their password. Details passwordReset in users.service.ts updated tokenversion invalidating JWTs but did not...
CVE-2021-39235
In Apache Ozone before 1.2.0, Ozone Datanode doesn't check the access mode parameter of the block token. Authenticated users with valid READ block token can do any write operation on the same block...
CVE-2024-28192 NoSQL Injection Leading to Authentication Bypass in your_spotify
yourspotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version 1.8.0 is vulnerable to NoSQL injection in the public access token processing logic. Attackers can fully bypass the public token authentication mechanism, regardless if a public token has been generated befo...
PT-2023-30431 · Unknown · Best Training Member
Name of the Vulnerable Software and Affected Versions: best training member version 13.6.1 Description: The issue allows remote attackers to send malicious notifications due to the leakage of channel access token in best training member. Recommendations: For version 13.6.1, consider restricting...
krb5: double free in gssapi lib
Double free vulnerability in the gsskrb5intmakesealtokenv3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 krb5 has unknown impact and attack vectors...