Automatically updated on Wed, 02 Jun 2021 04:56:35 GMT

Author: prisis

_site/_headers

@@ -1,2 +1,2 @@
 /*
-  Last-Modified: Thu, 27 May 2021 04:52:58 GMT
+  Last-Modified: Wed, 02 Jun 2021 04:56:35 GMT

security-advisories-sha

@@ -1 +1 @@
-1272f2aa794059308dce5b5bb45fd31d9ecd01c4628
+1282f2aa794059308dce5b5bb45fd31d9ecd01c4628

security-advisories.json

@@ -18422,6 +18422,22 @@
             "reference": "composer://personnummer/personnummer"
         }
     },
+    "phanan/koel": {
+        "CVE-2021-33563": {
+            "title": "Koel before 5.1.4 lacks login throttling, lacks a password strength policy, and shows whether a failed login attempt had a valid username. This might make brute-force attacks easier.",
+            "link": "https://github.com/advisories/GHSA-r37h-j483-cjjm",
+            "cve": "CVE-2021-33563",
+            "branches": {
+                "5.1.x": {
+                    "time": 1622583500,
+                    "versions": [
+                        "< 5.1.4"
+                    ]
+                }
+            },
+            "reference": "composer://phanan/koel"
+        }
+    },
     "phpfastcache/phpfastcache": {
         "CVE-2019-16774": {
             "title": "## Object injection in cookie driver\n\n### Impact\nAn possible object injection has been discovered in cookie driver prior 5.0.13 versions (of 5.x releases).\n\n### Patches\nThe issue has been addressed by enforcing JSON conversion when deserializing\n\n### Workarounds\nIf you can't fix it, use another driver such as \"Files\" (Filesystem)\n\n### References\nFixing release: https://github.com/PHPSocialNetwork/phpfastcache/releases/tag/5.0.13\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [the issue tracker](https://github.com/PHPSocialNetwork/phpfastcache/issues)\n* Email us at [security@geolim4.com](mailto:security@geolim4.com)",