Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
GO-2024-3292
  • Go/github.com/cri-o/cri-o
CRI-O: Maliciously structured checkpoint file can gain arbitrary node access in github.com/cri-o/cri-o 4 days ago
  • Fix available
GO-2024-3304
  • Go/github.com/moby/moby
Moby Race Condition vulnerability in github.com/moby/moby 4 days ago
  • Fix available
GO-2024-3305
  • Go/github.com/moby/moby
Moby Race Condition vulnerability in github.com/moby/moby 4 days ago
  • Fix available
GO-2024-3307
  • Go/github.com/mochi-mqtt/server
CVE-2024-50948 in github.com/mochi-mqtt/server 4 days ago
  • No fix available
GO-2024-3308
  • Go/github.com/kolide/launcher
Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3) in github.com/kolide/launcher 4 days ago
  • Fix available
GO-2024-3310
  • Go/github.com/cli/cli
  • Go/github.com/cli/cli/v2
Downloading malicious GitHub Actions workflow artifact results in path traversal vulnerability in github.com/cli/cli 4 days ago
  • Fix available
GO-2024-3302
  • Go/github.com/quic-go/quic-go
quic-go affected by an ICMP Packet Too Large Injection Attack on Linux in github.com/quic-go/quic-go 4 days ago
  • Fix available
GHSA-2m9h-r57g-45pj
  • Go/github.com/cli/cli/v2
  • Go/github.com/cli/cli
Downloading malicious GitHub Actions workflow artifact results in path traversal vulnerability 4 days ago
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-66q9-2rvx-qfj5
  • Go/github.com/kolide/launcher
Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3) 4 days ago
  • Fix available
  • Severity - 7.3 (High)
GHSA-7mwh-q3xm-qh6p
  • Go/vitess.io/vitess
Vitess allows HTML injection in /debug/querylogz & /debug/env 4 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-h36c-m3rf-34h9
  • Go/github.com/argoproj/argo-workflows/v3
Access to Archived Argo Workflows with Fake Token in `client` mode 5 days ago
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-q9rr-h3hx-m87g
  • Go/github.com/bunkerity/bunkerweb
BunkerWeb has Open Redirect Vulnerability in Loading Page 5 days ago
  • Fix available
  • Severity - 5.1 (Medium)
GO-2024-3294
  • Go/github.com/bunkerity/bunkerweb
Open Redirect Vulnerability in Loading Page in bunkerweb in github.com/bunkerity/bunkerweb 5 days ago
  • Fix available
GO-2024-3296
  • Go/github.com/cli/cli
  • Go/github.com/cli/cli/v2
Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts in github.com/cli/cli 5 days ago
  • Fix available
GO-2024-3299
  • Go/github.com/traefik/traefik
  • Go/github.com/traefik/traefik/v2
  • Go/github.com/traefik/traefik/v3
Traefik's X-Forwarded-Prefix Header still allows for Open Redirect in github.com/traefik/traefik 5 days ago
  • Fix available
GO-2024-3300
  • Go/github.com/drakkan/sftpgo
  • Go/github.com/drakkan/sftpgo/v2
sftpgo vulnerable to brute force takeover of OpenID Connect session cookies in github.com/drakkan/sftpgo 5 days ago
  • Fix available