CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45308 – MySQL & free URL mode allows to hide existing notes in hedgedoc
https://notcve.org/view.php?id=CVE-2024-45308
02 Sep 2024 — HedgeDoc is an open source, real-time, collaborative, markdown notes application. When using HedgeDoc 1 with MySQL or MariaDB, it is possible to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one. When the freeURL feature is enabled (by setting the `allowFreeURL` config option or the `CMD_ALLOW_FREEURL` environment variable to `true`), any user with the appropriate permissions can create a note wi... • https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-pjf2-269h-cx7p • CWE-1289: Improper Validation of Unsafe Equivalence in Input •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38487 – HedgeDoc API allows to hide existing notes
https://notcve.org/view.php?id=CVE-2023-38487
04 Aug 2023 — HedgeDoc is software for creating real-time collaborative markdown notes. Prior to version 1.9.9, the API of HedgeDoc 1 can be used to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one. When the freeURL feature is enabled (by setting the `allowFreeURL` config option or the `CMD_ALLOW_FREEURL` environment variable to `true`), any user with the appropriate permissions can create a note by making a ... • https://github.com/hedgedoc/hedgedoc/pull/4476/commits/781263ab84255885e1fe60c7e92e2f8d611664d2 • CWE-289: Authentication Bypass by Alternate Name •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24837 – Enumerable upload file names in hedgedoc
https://notcve.org/view.php?id=CVE-2022-24837
11 Apr 2022 — HedgeDoc is an open-source, web-based, self-hosted, collaborative markdown editor. Images uploaded with HedgeDoc version 1.9.1 and later have an enumerable filename after the upload, resulting in potential information leakage of uploaded documents. This is especially relevant for private notes and affects all upload backends, except Lutim and imgur. This issue is patched in version 1.9.3 by replacing the filename generation with UUIDv4. If you cannot upgrade to HedgeDoc 1.9.3, it is possible to block POST r... • https://github.com/hedgedoc/hedgedoc/commit/9e2f9e21e904c4a319e84265da7ef03b0a8e343a • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-434: Unrestricted Upload of File with Dangerous Type •