CVE-2021-25991

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-25991

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-25991.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-25991

Published

2021-12-29T09:15:09.467Z

Modified

2025-11-14T11:32:15.093767Z

Severity

7.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H CVSS Calculator

Summary

[none]

Details

In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete loss of admin access to Ifme.

References

Affected packages

Git / github.com/ifmeorg/ifme

Affected ranges

Type: GIT
Repo: https://github.com/ifmeorg/ifme
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

d1f570c458d41667df801fc9c40a18b181a2d923

Affected versions

1.*

1.0.0

v.*

v.3.5.0

v.7.31.2

v1.*

v1.0.0

v1.0.1

v1.1.0

v1.2.0

v1.2.1

v1.3.0

v1.3.1

v1.4.0

v1.5.0

v2.*

v2.0.0

v3.*

v3.0.0

v3.0.1

v3.1.0

v3.1.1

v3.2.0

v3.3.0

v3.3.1

v3.4.0

v3.4.1

v3.4.2

v3.5.0

v4.*

v4.0.0

v4.1.0

v4.2.0

v4.3.0

v4.4.0

v5.*

v5.0.0

v5.0.1

v5.1.0

v5.2.0

v5.2.1

v6.*

v6.0.0

v6.0.1

v6.0.2

v6.1.0

v6.1.1

v6.1.2

v6.10.0

v6.10.1

v6.11.0

v6.12.0

v6.13.0

v6.14.0

v6.15.0

v6.16.0

v6.17.0

v6.18.0

v6.19.0

v6.2.0

v6.2.1

v6.3.0

v6.4.0

v6.5.0

v6.5.1

v6.5.2

v6.6.0

v6.7.0

v6.7.1

v6.8.0

v6.9.0

v6.9.1

v7.*

v7.0.0

v7.1.0

v7.10.0

v7.10.1

v7.10.2

v7.10.3

v7.10.4

v7.10.5

v7.10.6

v7.10.7

v7.10.8

v7.10.9

v7.11.0

v7.12.0

v7.12.1

v7.12.2

v7.12.3

v7.12.4

v7.12.5

v7.12.6

v7.12.7

v7.12.8

v7.12.9

v7.13.0

v7.13.1

v7.13.2

v7.13.3

v7.13.4

v7.13.5

v7.13.6

v7.13.7

v7.14.0

v7.14.1

v7.14.2

v7.14.3

v7.15.0

v7.15.1

v7.15.2

v7.15.3

v7.15.4

v7.15.5

v7.16.0

v7.16.1

v7.17.0

v7.18.0

v7.18.1

v7.18.2

v7.19.0

v7.19.1

v7.19.2

v7.19.3

v7.2.0

v7.20.0

v7.20.1

v7.21.0

v7.21.1

v7.22.0

v7.22.1

v7.22.2

v7.22.3

v7.22.4

v7.22.5

v7.23.0

v7.23.1

v7.24.0

v7.24.1

v7.24.2

v7.24.3

v7.24.4

v7.24.5

v7.24.6

v7.24.7

v7.24.8

v7.24.9

v7.25.0

v7.25.1

v7.25.2

v7.25.3

v7.25.4

v7.26.0

v7.26.1

v7.26.2

v7.26.3

v7.27.0

v7.27.1

v7.28.0

v7.29.0

v7.29.1

v7.29.2

v7.29.3

v7.29.4

v7.3.0

v7.30.0

v7.30.1

v7.30.10

v7.30.11

v7.30.12

v7.30.13

v7.30.2

v7.30.3

v7.30.4

v7.30.5

v7.30.6

v7.30.7

v7.30.8

v7.30.9

v7.31.0

v7.31.1

v7.31.2

v7.31.3

v7.31.4

v7.32

v7.4.0

v7.4.1

v7.5.0

v7.6.0

v7.7.0

v7.7.1

v7.8.0

v7.8.1

v7.8.2

v7.8.3

v7.8.4

v7.8.5

v7.8.6

v7.8.7

v7.8.8

v7.9.0

v7.9.1

v7.9.2

v7.9.3

v7.9.4

v7.9.5

v7.9.6

v7.9.7

v7.9.8

v7.9.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-25991.json"