Unverified Commit 7ea6bc2f authored by Felix Bargfeldt's avatar Felix Bargfeldt Committed by GitHub

olivetin: add CVE-2026-31817 to `knownVulnerabilities` (#498868)

parents 5d96240a 0cca63b7
+4 −3
@@ -145,12 +145,13 @@ buildGoModule (
      knownVulnerabilities = [
        "CVE-2026-27626: OS Command Injection via password argument type and webhook JSON extraction bypasses shell safety checks"
        "CVE-2026-28342: Unauthenticated Denial of Service via Memory Exhaustion in PasswordHash API Endpoint"
        "CVE-2026-30223: JWT Audience Validation Bypass in Local Key and HMAC Modes"
        "CVE-2026-28789: Unauthenticated DoS via concurrent map writes in OAuth2 state handling"
        "CVE-2026-30224: Session Fixation - Logout Fails to Invalidate Server-Side Session"
        "CVE-2026-28790: Unauthenticated Action Termination via KillAction When Guests Must Login"
        "CVE-2026-30233: View permission not being checked when returning dashboards"
        "CVE-2026-30223: JWT Audience Validation Bypass in Local Key and HMAC Modes"
        "CVE-2026-30224: Session Fixation - Logout Fails to Invalidate Server-Side Session"
        "CVE-2026-30225: RestartAction always runs actions as guest"
        "CVE-2026-30233: View permission not being checked when returning dashboards"
        "CVE-2026-31817: Unsafe parsing of UniqueTrackingId can be used to write files"
      ];
    };
  }
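Review bot: The `knownVulnerabilities` list has no comment saying which upstream OliveTin release fixes these CVEs, so a later version bump gives no cue for when the entries, including the new CVE-2026-31817 line, can be dropped and the package stops being flagged insecure. A comment above the list such as `# Fixed upstream in <FIXED_VERSION>; remove these entries once the package is updated past it` would close that gap (`<FIXED_VERSION>` is a placeholder, as the fixed version is not shown on this page). The page also prints CVE-2026-30223, CVE-2026-30224 and CVE-2026-30233 twice, which looks like a reorder of existing entries folded into the same commit. If so, a reviewer has to check by hand that no entry was lost, and a separate reorder commit would make that check trivial. The enclosing `buildGoModule` expression starts outside the hunk, so whether the list is already version-gated cannot be seen here.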