github.com/mayswind/ezbookkeeping (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/mayswind/ezbookkeeping, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2024-57604 — CVSS 9.8 (critical): An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.
CVE-2024-57603 — CVSS 6.3 (medium): An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting.