Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-vm62-9jw3-c8w3
  • Go/gogs.io/gogs
 Gogs has an argument Injection in the built-in SSH server 3 days ago
  • Fix available
  • Severity - 9.9 (Critical)
GHSA-9pp6-wq8c-3w2c
  • Go/gogs.io/gogs
 Gogs allows argument injection during the previewing of changes 3 days ago
  • Fix available
  • Severity - 9.9 (Critical)
GHSA-ccqv-43vm-4f3w
  • Go/gogs.io/gogs
 Gogs allows deletion of internal files 3 days ago
  • Fix available
  • Severity - 9.9 (Critical)
GHSA-m27m-h5gj-wwmg
  • Go/gogs.io/gogs
 Gogs allows argument Injection when tagging new releases 3 days ago
  • Fix available
  • Severity - 7.7 (High)
GHSA-xwx7-p63r-2rj8
  • Go/github.com/navidrome/navidrome
 Navidrome Stores JWT Secret in Plaintext in navidrome.db 3 days ago
  • Fix available
  • Severity - 7.1 (High)
GHSA-vq94-9pfv-ccqr
  • Go/github.com/apache/trafficcontrol/v8
 SQL injection in Apache Traffic Control 3 days ago
  • Fix available
  • Severity - 9.9 (Critical)
GHSA-qf5v-rp47-55gg
  • Go/gogs.io/gogs
 Path Traversal in file update API in gogs 3 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-r7j8-5h9c-f6fx
  • Go/gogs.io/gogs
 Remote Command Execution in file editing in gogs 3 days ago
  • Fix available
  • Severity - 8.7 (High)
GO-2024-3101
  • Go/github.com/CosmWasm/wasmvm
 Excessive number of function parameters in compiled Wasm in github.com/CosmWasm/wasmvm 6 days ago
  • Fix available
GO-2024-3344
  • Go/filippo.io/age
 Malicious plugin names, recipients, or identities causing arbitrary binary execution in filippo.io/age 6 days ago
  • Fix available
GO-2024-3109
  • Go/github.com/metal3-io/baremetal-operator
 The Bare Metal Operator (BMO) can expose particularly named secrets from other namespaces via BMH CRD in github.com/metal3-io/baremetal-operator 6 days ago
  • Fix available
GO-2024-3342
  • Go/github.com/traefik/traefik
  • Go/github.com/traefik/traefik/v2
  • Go/github.com/traefik/traefik/v3
 Traefik affected by CVE-2024-53259 in github.com/traefik/traefik 6 days ago
  • Fix available
GO-2024-3343
  • Go/open-cluster-management.io/ocm
 Open Cluster Management vulnerable to Trust Boundary Violation in open-cluster-management.io/ocm 6 days ago
  • Fix available
GO-2024-3349
  • Go/github.com/openshift/must-gather
 OpenShift Must Gather Operator Improper Input Validation vulnerability in github.com/openshift/must-gather 6 days ago
  • No fix available
GO-2024-3350
  • Go/github.com/clidey/whodb/core
 WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service in github.com/clidey/whodb/core 6 days ago
  • No fix available
GO-2024-3354
  • Go/github.com/hashicorp/nomad
 Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad 6 days ago
  • Fix available
Load more...