Security
Headlines

Headlines Latest CVEs

Headline

GHSA-5mmw-p5qv-w3x5: Always incorrect control flow in github.com/mojocn/base64Captcha

When using the default implementation of Verify to check a Captcha, verification can be bypassed. For example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be correct.

9 months ago

Always incorrect control flow in github.com/mojocn/base64Captcha

Moderate severity GitHub Reviewed Published Dec 12, 2023 to the GitHub Advisory Database • Updated Dec 12, 2023

Related news

CVE-2023-45292: 特殊值永远成功漏洞 CVE-2023-45292 GO-2023-2386 · Issue #120 · mojocn/base64Captcha

When using the default implementation of Verify to check a Captcha, verification can be bypassed. For example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be correct.

9 months ago

ghsa: Latest News

GHSA-9h9q-qhxg-89xr: Filament has unvalidated ColorColumn and ColorEntry values that can be used for Cross-site Scripting

1 day ago

GHSA-jg74-mwgw-v6x3: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

2 days ago

GHSA-h4h5-9833-v2p4: Rancher agents can be hijacked by taking over the Rancher Server URL

2 days ago

GHSA-g54f-66mw-hv66: Agnai vulnerable to Relative Path Traversal in Image Upload

2 days ago

GHSA-h355-hm5h-cm8h: Agnai File Disclosure Vulnerability: JSON via Path Traversal

2 days ago