pubtools-quay@0.26.1 vulnerabilities

Pubtools-quay

latest version

0.27.0
first published

4 years ago
latest version published

5 days ago
licenses detected
- LGPL-3.0
  [0,)
View pubtools-quay package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the pubtools-quay package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Improper Access Control Affected versions of this package are vulnerable to Improper Access Control due to improper validation of OAuth application tokens. An attacker could obtain the client ID for an application. The attacker could use an OAuth token to authenticate despite not having access to the organization from which the application was created. Note: This issue is limited to authentication and not authorization. How to fix Improper Access Control? There is no fixed version for `pubtools-quay`.	[0,)

Improper Access Control

Affected versions of this package are vulnerable to Improper Access Control due to improper validation of OAuth application tokens. An attacker could obtain the client ID for an application. The attacker could use an OAuth token to authenticate despite not having access to the organization from which the application was created.

Note: This issue is limited to authentication and not authorization.

How to fix Improper Access Control?

There is no fixed version for pubtools-quay.

[0,)

Go back to all versions of this package

pubtools-quay@0.26.1 vulnerabilities

Pubtools-quay

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities