Filtered by vendor Linecorp
Subscriptions
Total
84 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-43299 | 1 Linecorp | 1 Line | 2024-08-02 | 5.3 Medium |
An issue in DA BUTCHERS mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | ||||
CVE-2023-43300 | 1 Linecorp | 1 Line | 2024-08-02 | 8.2 High |
An issue in urban_project mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | ||||
CVE-2023-38493 | 1 Linecorp | 1 Armeria | 2024-08-02 | 7.5 High |
Armeria is a microservice framework Spring supports Matrix variables. When Spring integration is used, Armeria calls Spring controllers via `TomcatService` or `JettyService` with the path that may contain matrix variables. Prior to version 1.24.3, the Armeria decorators might not invoked because of the matrix variables. If an attacker sends a specially crafted request, the request may bypass the authorizer. Version 1.24.3 contains a patch for this issue. | ||||
CVE-2024-1143 | 1 Linecorp | 1 Central Dogma | 2024-08-01 | 9.3 Critical |
Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass. |