VYPR

Go modules package

github.com/bytebase/bytebase

pkg:golang/github.com/bytebase/bytebase

Vulnerabilities (2)

  • CVE-2022-32170MedSep 28, 2022
    affected >= 0.1.0, <= 1.0.4

    The “Bytebase” application does not restrict low privilege user to access admin “projects“ for which an unauthorized user can view the “projects“ created by “Admin” and the affected endpoint is “/api/project?user=${userId}”.

  • CVE-2022-32169MedSep 28, 2022
    affected >= 0.1.0, <= 1.0.4

    The “Bytebase” application does not restrict low privilege user to access “admin issues“ for which an unauthorized user can view the “OPEN” and “CLOSED” issues by “Admin” and the affected endpoint is “/issue”.