Icewhaletech Casaos-userservice

4 CVEs affecting Icewhaletech Casaos-userservice. Latest disclosed: 2024-04-01. Critical: 1, High: 1.

Top CVEs affecting Icewhaletech Casaos-userservice
CVESeverityScorePublishedSummary
CVE-2024-24767Critical9.12024-03-06CasaOS-UserService provides user management functionalities to CasaOS. Starting in version 0.4.4.3 and prior to version 0.4.7, CasaOS doesn't defend against pa…
CVE-2024-24765High7.52024-03-06CasaOS-UserService provides user management functionalities to CasaOS. Prior to version 0.4.7, path filtering of the URL for user avatar image files was not st…
CVE-2024-28232Medium6.22024-04-01Go package IceWhaleTech/CasaOS-UserService provides user management functionalities to CasaOS. The Casa OS Login page has disclosed the username enumeration vu…
CVE-2024-24766Medium6.22024-03-06CasaOS-UserService provides user management functionalities to CasaOS. Starting in version 0.4.4.3 and prior to version 0.4.7, the Casa OS Login page disclosed…