Jvyden

**Name of the Vulnerable Software and Affected Versions** Bunkum versions prior to 4.2.1 **Description** Bunkum is an open-source protocol-agnostic request server for custom game servers. The `AuthenticationService` initially supported injecting `IUser`s, but later added support for injecting `IToken`s into endpoints. However, this change led to caching issues, causing cached tokens to persist after the lifetime of the request. When a token expired, downstream projects would remove the object from Realm, causing the object in the cache to be in a detached state and resulting in an exception from invalid use of `IToken.User`. This is a use-after-free issue, as Realm cannot manage the lifetime of the cached token. The scope of this issue is fairly limited, and it can only be exploited on a couple of endpoints given certain conditions. User interaction is required, as authenticated requests must be performed. **Recommendations** To resolve the issue, update to version 4.2.1, which includes the fix to wipe the token cache after the request was handled. At the moment, there is no information about other workarounds for versions in the 4.X.X range.