Lucene search
K

6 matches found

Snyk
Snyk
added 2026/04/10 3:34 p.m.5 views

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the addRepeatIntervalToTime function. An attacker can exhaust server resources and render the application unresponsive by creating tasks with extremely small repeat intervals and due dates far ...

7.1CVSS5.5AI score0.00347EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/10 3:34 p.m.7 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the GetResource and GetResourcesByList processes. An attacker can access sensitive task data from projects they do not have permission to view by making authenticated CalDAV requests with a known or guessed task...

5.3CVSS5.8AI score0.00216EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/10 3:33 p.m.4 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper SQL operator precedence in the hasAccessToLabel function. An attacker can access label metadata, including titles, descriptions, colors, and creator information from projects they do not have acce...

5.3CVSS5.8AI score0.00272EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/10 3:31 p.m.5 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration due to the lack of server-side validation in the GetLinkShareFromClaims process. An attacker can retain unauthorized access to resources by using previously issued JWT tokens even after a link share is...

6.9CVSS5.8AI score0.00268EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/10 3:31 p.m.3 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration due to the lack of server-side validation in the GetLinkShareFromClaims process. An attacker can retain unauthorized access to resources by using previously issued JWT tokens even after a link share is...

6.9CVSS5.8AI score0.00268EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/07 2:37 a.m.8 views

Improper Authentication

Overview x402 is a x402: An internet native payments protocol Affected versions of this package are vulnerable to Improper Authentication in facilitator payment processing on Solana. An attacker can interfere with or manipulate payment transactions by exploiting a race condition. Remediation...

6CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder