2 matches found
Improper Access Control
ghost is vulnerable to improper access control. An unprivileged member has the ability to view and change unintended newsletter settings due to improper validation for nested objects in Memebers API...
CVE-2019-12875
Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key...