3 matches found
CVE-2024-10141
The CVE-2024-10141 issue affects jsbroks COCO Annotator 0.11.1, specifically the Session Handler component where manipulating the SECRET_KEY causes a predictable state from observable state. It can be initiated remotely, with attack complexity described as high and exploitability as difficult. Mu...
CVE-2026-2109
CVE-2026-2109 affects jsbroks COCO Annotator up to v0.11.1. The vulnerability exists in an unknown function of the file /api/undo/ within the Delete Category Handler, where manipulating the ID argument leads to improper authorization. It can be triggered remotely and a public exploit is available...
CVE-2026-2108
The CVE-2026-2108 entry covers jsbroks COCO Annotator up to version 0.11.1. The vulnerability affects the Endpoint component’s /api/info/long_task, where manipulation can cause a denial of service. It is remotely exploitable and has been publicly disclosed; multiple sources note no vendor respons...