Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1yNmc4LW1xOXYtY2dwNM4AASqX

High EPSS: 0.0028% (0.50871 Percentile) EPSS:
Permalink JSON

Froxlor Incorrect Access Control

Affected Packages Affected Versions Fixed Versions
packagist:froxlor/froxlor < 0.9.40 0.9.40
0 Dependent packages
0 Dependent repositories
22 Downloads total

Affected Version Ranges

All affected versions

All unaffected versions

0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.10.4, 0.10.5, 0.10.6, 0.10.7, 0.10.8, 0.10.9, 0.10.10, 0.10.11, 0.10.12, 0.10.13, 0.10.14, 0.10.15, 0.10.16, 0.10.17, 0.10.18, 0.10.19, 0.10.20, 0.10.21, 0.10.22, 0.10.23, 0.10.24, 0.10.25, 0.10.26, 0.10.27, 0.10.28, 0.10.29, 0.10.30, 0.10.31, 0.10.32, 0.10.33, 0.10.34, 0.10.35, 0.10.36, 0.10.37, 0.10.38, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16, 2.0.17, 2.0.18, 2.0.19, 2.0.20, 2.0.21, 2.0.22, 2.0.23, 2.0.24, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8

Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user.

References:

Identifiers

GHSA-r6g8-mq9v-cgp4

CVE-2018-12642

Risk

Severity

High

EPSS

EPSS Percentage: 0.0028

EPSS Percentile: 0.50871

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/Froxlor/Froxlor

Date and time

Published

about 3 years ago

Updated

over 1 year ago

API

JSON