FKIE_CVE-2026-28789

Vulnerability from fkie_nvd - Published: 2026-03-05 20:16 - Updated: 2026-03-10 15:42
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map, causing a Go runtime panic (fatal error: concurrent map writes) and process termination. This allows remote attackers to crash the service when OAuth2 is enabled. This issue has been patched in version 3000.10.3.
References
security-advisories@github.comhttps://github.com/OliveTin/OliveTin/commit/f044d90d5525c4c8e3f421b32ed7eff771c22d36Patch
security-advisories@github.comhttps://github.com/OliveTin/OliveTin/security/advisories/GHSA-45m3-398w-m2m9Exploit, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0https://github.com/OliveTin/OliveTin/security/advisories/GHSA-45m3-398w-m2m9Exploit, Vendor Advisory
Impacted products
Vendor Product Version
olivetin olivetin *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:olivetin:olivetin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B4582D9-169E-40D5-8E85-A2C591F413A9",
              "versionEndIncluding": "3000.10.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin\u2019s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map, causing a Go runtime panic (fatal error: concurrent map writes) and process termination. This allows remote attackers to crash the service when OAuth2 is enabled. This issue has been patched in version 3000.10.3."
    },
    {
      "lang": "es",
      "value": "OliveTin proporciona acceso a comandos de shell predefinidos desde una interfaz web. Antes de la versi\u00f3n 3000.10.3, existe una vulnerabilidad de denegaci\u00f3n de servicio no autenticada en el flujo de inicio de sesi\u00f3n OAuth2 de OliveTin. Las solicitudes concurrentes a /oauth/login pueden desencadenar un acceso no sincronizado a un mapa registeredStates compartido, causando un p\u00e1nico en tiempo de ejecuci\u00f3n de Go (error fatal: escrituras concurrentes en el mapa) y la terminaci\u00f3n del proceso. Esto permite a los atacantes remotos bloquear el servicio cuando OAuth2 est\u00e1 habilitado. Este problema ha sido parcheado en la versi\u00f3n 3000.10.3."
    }
  ],
  "id": "CVE-2026-28789",
  "lastModified": "2026-03-10T15:42:11.730",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-03-05T20:16:16.653",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/OliveTin/OliveTin/commit/f044d90d5525c4c8e3f421b32ed7eff771c22d36"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-45m3-398w-m2m9"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-45m3-398w-m2m9"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        },
        {
          "lang": "en",
          "value": "CWE-400"
        },
        {
          "lang": "en",
          "value": "CWE-662"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.