GHSA-9v48-2h5x-fvpm

Опубликовано: 23 дек. 2022

Источник: github

Github: Прошло ревью

Описание

usememos/memos vulnerable to improper access control

Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2022-4685
https://github.com/usememos/memos/commit/dca35bde877aab6e64ef51b52e590b5d48f692f9
https://huntr.dev/bounties/015dbf52-8924-4aad-86d7-892cb61157af

Пакеты

Наименование

github.com/usememos/memos

Затронутые версииВерсия исправления

< 0.9.0

0.9.0

CVE ID

CVE-2022-4685

Дефекты

CWE-284

Связанные уязвимости

CVE-2022-4685

nvd

около 3 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage.

CVE ID

CVE-2022-4685

Дефекты

CWE-284