6 matches found
Casdoor is vulnerable to Improper Authorization
An issue in the permission verification module and organization/application editing interface in Casdoor before 2.63.0 allows remote authenticated administrators of any organization within the system to bypass the system's permission verification mechanism by directly concatenating URLs after log...
GHSA-5M9M-J5P7-M7F9 Casdoor is vulnerable to Improper Authorization
An issue in the permission verification module and organization/application editing interface in Casdoor before 2.63.0 allows remote authenticated administrators of any organization within the system to bypass the system's permission verification mechanism by directly concatenating URLs after log...
Incorrect Authorization
Overview: Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can gain unauthorized access to restricted organization or application editing interfaces by manipulating URLs after authentication. Remediation: Upgrade github.com/casdoor/casdoor/controllers to...
EUVD-2024-3397
Malicious code in bioql PyPI...
CVE-2024-53858
The gh cli is GitHub’s official command line tool. A security vulnerability has been identified in the GitHub CLI that could leak authentication tokens when cloning repositories containing git submodules hosted outside of GitHub.com and ghe.com. This vulnerability stems from several gh commands...
GitHub CLI Information Disclosure Vulnerability
GitHub CLI is GitHub's open-source tool for using GitHub from the command line. An information disclosure vulnerability exists in GitHub CLI versions prior to 2.63.0, which stems from the possibility of disclosing authentication tokens...