github.com/codenotary/immudb is vulnerable to improper authorization. The library does not properly validate SDKs server UUIDs which allows a malicious server to change the reported UUID, tricking the client to treat it as a different server thus accepting a state completely irrelevant to the one previously retrieved from the server.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/codenotary/immudb | le | v1.4.0 | |
github.com/codenotary/immudb | le | v1.4.0 |