rpm package
opensuse/mybatis&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/mybatis&distro=openSUSE%20Leap%2015.5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-1313 | Med | 6.5 | < 3.5.6-150200.5.6.1 | 3.5.6-150200.5.6.1 | Mar 26, 2024 | It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/ using its view key. This functionality is intended to only be available to individuals with the per | |
| CVE-2023-6152 | — | < 3.5.6-150200.5.6.1 | 3.5.6-150200.5.6.1 | Feb 13, 2024 | A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verify_email_enabled" will only validate email only on sign up. |
- affected < 3.5.6-150200.5.6.1fixed 3.5.6-150200.5.6.1
It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/ using its view key. This functionality is intended to only be available to individuals with the per
- CVE-2023-6152Feb 13, 2024affected < 3.5.6-150200.5.6.1fixed 3.5.6-150200.5.6.1
A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verify_email_enabled" will only validate email only on sign up.