Security
Headlines

Headlines Latest CVEs

Headline

GHSA-5mmw-p5qv-w3x5: Always incorrect control flow in github.com/mojocn/base64Captcha

When using the default implementation of Verify to check a Captcha, verification can be bypassed. For example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be correct.

1 year ago

Always incorrect control flow in github.com/mojocn/base64Captcha

Moderate severity GitHub Reviewed Published Dec 12, 2023 to the GitHub Advisory Database • Updated Dec 12, 2023

Related news

CVE-2023-45292: 特殊值永远成功漏洞 CVE-2023-45292 GO-2023-2386 · Issue #120 · mojocn/base64Captcha

When using the default implementation of Verify to check a Captcha, verification can be bypassed. For example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be correct.

1 year ago

ghsa: Latest News

GHSA-675f-rq2r-jw82: JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh

1 hour ago

GHSA-7w6r-748w-mh52: pgAdmin has Incorrect Default Permissions

9 hours ago

GHSA-q8fg-cp3q-5jwm: Mattermost Incorrect Authorization vulnerability

9 hours ago

GHSA-7rgp-4j56-fm79: Mattermost has Improper Check for Unusual or Exceptional Conditions

9 hours ago

GHSA-2549-xh72-qrpm: Mattermost Improper Validation of Specified Type of Input vulnerability

9 hours ago