{"id":"CVE-2019-16281","details":"Ptarmigan before 0.2.3 lacks API token validation, e.g., an \"if (token === apiToken) {return true;} return false;\" code block.","modified":"2026-03-14T09:33:14.742387Z","published":"2020-12-30T21:15:12.580Z","references":[{"type":"ADVISORY","url":"https://github.com/nayutaco/ptarmigan/releases/tag/v0.2.3"},{"type":"FIX","url":"https://github.com/nayutaco/ptarmigan/commit/37fd8f9da3bab9d323ddd77f2fd20b6dde8bcf6c"},{"type":"FIX","url":"https://github.com/nayutaco/ptarmigan/compare/v0.2.2...v0.2.3"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nayutaco/ptarmigan","events":[{"introduced":"0"},{"fixed":"207f7632201a1858dd0c1a122fe2b499f6331756"},{"fixed":"37fd8f9da3bab9d323ddd77f2fd20b6dde8bcf6c"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.2.3"}]}}],"versions":["2018-01-25","2018-01-29","2018-02-18","2018-03-03","2018-03-13","2018-04-11","2018-08-03","2019-04-22","2019-04-23","2019-04-24","2019-04-25","2019-04-26","v0.2.0","v0.2.1","v0.2.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16281.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}