Tag
#stigmem-node
The Importance of Out-of-Band Approval in Federation Peer Registration
A recent security advisory revealed a vulnerability in stigmem-node's federation peer registration process: registration lacked explicit out-of-band approval. The vulnerability had a severity score of 9.1 and could be exploited if the initial registration was intercepted or misdirected. The issue has been patched in version 0.9.0a2.
stigmem-node Vulnerability: Auth-Disabled Deployments Expose to Broad Anonymous Access
A vulnerability in stigmem-node allows auth-disabled deployments to grant broad anonymous access outside loopback environments. Operators who disabled authentication while binding the node to a non-loopback URL are impacted.
Understanding the Risks of Unsigned Plugin Overrides in stigmem-node
A security vulnerability in stigmem-node allowed unsigned plugin overrides without a second explicit acknowledgment, potentially enabling less-trusted users to load unsigned plugin code. This issue has been patched in version 0.9.0a2. Users are advised to upgrade and follow best practices to mitigate the risk.