CVE-2019-16281

CVE-2019-16281

EPSS 1.3%

Ptarmigan before 0.2.3 lacks API token validation, e.g., an "if (token === apiToken) {return true;} return false;" code block.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/nayutaco/ptarmigan/commit/37fd8f9da3bab9d323ddd77f2fd20b6dde8bcf6c https://github.com/nayutaco/ptarmigan/compare/v0.2.2...v0.2.3 https://github.com/nayutaco/ptarmigan/releases/tag/v0.2.3