A vulnerability was found in csmock where a regular user...
High severity
Unreviewed
Published
Apr 10, 2024
to the GitHub Advisory Database
•
Updated Apr 10, 2024
Description
Published by the National Vulnerability Database
Apr 10, 2024
Published to the GitHub Advisory Database
Apr 10, 2024
Last updated
Apr 10, 2024
A vulnerability was found in csmock where a regular user of the OSH service (anyone with a valid Kerberos ticket) can use the vulnerability to disclose the confidential Snyk authentication token and to run arbitrary commands on OSH workers.
References