Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-7xqm-7738-642x
  • Go/github.com/filebrowser/filebrowser
 File Browser's Uncontrolled Memory Consumption vulnerability can enable DoS attack due to oversized file processing yesterday
  • No fix available
  • Severity - 7.7 (High)
GHSA-7xwp-2cpp-p8r7
  • Go/github.com/filebrowser/filebrowser
 File Browser’s insecure JWT handling can lead to session replay attacks after logout yesterday
  • No fix available
  • Severity - 7.7 (High)
GHSA-ggmv-j932-q89q
  • Go/github.com/ctfer-io/chall-manager
 Chall-Manager's HTTP Gateway is vulnerable to DoS due to missing header timeout 10 Jul
  • Fix available
  • Severity - 8.7 (High)
GHSA-r7fm-3pqm-ww5w
  • Go/github.com/ctfer-io/chall-manager
 Chall-Manager's scenario decoding process does not check for zip bombs 10 Jul
  • Fix available
  • Severity - 8.7 (High)
GHSA-3gv2-v3jx-r9fh
  • Go/github.com/ctfer-io/chall-manager
 Chall-Manager is vulnerable to Path Traversal when extracting/decoding a zip archive 10 Jul
  • Fix available
  • Severity - 8.8 (High)
GHSA-phhq-63jg-fp7r
  • Go/github.com/edgelesssys/contrast
 Contrast vulnerability allows arbitrary host data Injection into container VOLUME mount points 09 Jul
  • Fix available
  • Severity - 3.5 (Low)
GHSA-4vc8-wvhw-m5gv
  • Go/github.com/juju/juju
 Juju allows arbitrary executable uploads via authenticated endpoint without authorization 09 Jul
  • Fix available
  • Severity - 8.8 (High)
GHSA-r64v-82fh-xc63
  • Go/github.com/juju/juju
 Juju vulnerable to sensitive log retrieval via authenticated endpoint without authorization 09 Jul
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-24ch-w38v-xmh8
  • Go/github.com/juju/juju
 Juju zip slip vulnerability via authenticated endpoint 09 Jul
  • Fix available
  • Severity - 8.8 (High)
GHSA-p22h-3m2v-cmgh
  • Go/github.com/cosmos/cosmos-sdk
 Cosmos SDK's Integer Overflow vulnerability in its Validator Rewards pool can cause a chain halt 08 Jul
  • Fix available
  • Severity - 7.7 (High)
GHSA-557j-xg8c-q2mm
  • Go/helm.sh/helm/v3
 Helm vulnerable to Code Injection through malicious chart.yaml content 08 Jul
  • Fix available
  • Severity - 8.5 (High)
GHSA-rj53-j6jw-7f7g
  • Go/github.com/babylonlabs-io/babylon/v2
 Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary 08 Jul
  • Fix available
  • Severity - 8.9 (High)
GHSA-gj54-gwj9-x2c6
  • Go/github.com/lf-edge/ekuiper/v2
  • Go/github.com/lf-edge/ekuiper
 eKuiper /config/uploads API arbitrary file writing may lead to RCE 03 Jul
  • Fix available
  • Severity - 7.3 (High)
GHSA-fv2p-qj5p-wqq4
  • Go/github.com/lf-edge/ekuiper/v2
  • Go/github.com/lf-edge/ekuiper
 LF Edge eKuiper vulnerable to File Path Traversal leading to file replacement 03 Jul
  • Fix available
  • Severity - 8.5 (High)
GHSA-h34r-jxqm-qgpr
  • Go/github.com/juju/utils/v4/cert
 juju/utils leaks private key in certs 01 Jul
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-v8fr-vxmw-6mf6
  • Go/github.com/mattermost/mattermost-server
  • Go/github.com/mattermost/mattermost/server/v8
 Mattermost Incorrect Authorization vulnerability 30 Jun
  • Fix available
  • Severity - 5.4 (Medium)
Load more...