pubtools-quay@0.31.0 vulnerabilities

Pubtools-quay

latest version

0.36.0

first published

4 years ago

latest version published

4 months ago

licenses detected

LGPL-3.0
[0,)

View pubtools-quay package health on Snyk Advisor (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the pubtools-quay package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Improper Access Control Affected versions of this package are vulnerable to Improper Access Control due to improper validation of OAuth application tokens. An attacker could obtain the client ID for an application. The attacker could use an OAuth token to authenticate despite not having access to the organization from which the application was created. Note: This issue is limited to authentication and not authorization. How to fix Improper Access Control? There is no fixed version for `pubtools-quay`.	[0,)

Improper Access Control

Affected versions of this package are vulnerable to Improper Access Control due to improper validation of OAuth application tokens. An attacker could obtain the client ID for an application. The attacker could use an OAuth token to authenticate despite not having access to the organization from which the application was created.

Note: This issue is limited to authentication and not authorization.

How to fix Improper Access Control?

There is no fixed version for pubtools-quay.

[0,)

Go back to all versions of this package