khoj@2.0.0b29.dev4

Your Second Brain

  • latest version

    1.42.10.dev3

  • first published

    1 years ago

  • latest version published

    0 years ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the khoj package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Incorrect Authorization

    khoj is a Your Second Brain

    Affected versions of this package are vulnerable to Incorrect Authorization in the Conversation Sharing Handler when processing the conversation.agent argument. An attacker can gain unauthorized access to conversation data or perform actions with insufficient authorization by exploiting improper authorization checks in the affected API endpoint.

    How to fix Incorrect Authorization?

    A fix was pushed into the master branch but not yet published.

    [0,)
    • L
    Missing Authorization

    khoj is a Your Second Brain

    Affected versions of this package are vulnerable to Missing Authorization in the OAuth callback endpoint. An attacker can gain unauthorized access to and manipulate another user's Notion integration by supplying a known UUID in the state parameter, which can be obtained from shared conversations containing AI-generated images. This allows the attacker to replace the victim's Notion configuration and potentially poison the search index by syncing their own Notion account.

    How to fix Missing Authorization?

    There is no fixed version for khoj.

    [0,)