GO-2025-3363
- Source
- https://pkg.go.dev/vuln/GO-2025-3363
- Import Source
- https://vuln.go.dev/ID/GO-2025-3363.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GO-2025-3363
- Aliases
- Published
- 2025-01-07T16:03:18Z
- Modified
- 2025-01-07T16:27:01.435195Z
- Summary
- Karmada Tar Slips in CRDs archive extraction in github.com/karmada-io/karmada
- Details
-
Karmada Tar Slips in CRDs archive extraction in github.com/karmada-io/karmada
- Database specific
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2025-3363" }- References
-
- https://github.com/karmada-io/karmada/security/advisories/GHSA-cwrh-575j-8vr3
- https://nvd.nist.gov/vuln/detail/CVE-2024-56514
- https://github.com/karmada-io/karmada/commit/40ec488b18a461ab0f871d2c9ec8665b361f0d50
- https://github.com/karmada-io/karmada/commit/f78e7e2a3d02bed04e9bc7abd3ae7b3ac56862d2
- https://github.com/karmada-io/karmada/pull/5703
- https://github.com/karmada-io/karmada/pull/5713
Affected packages
Go / github.com/karmada-io/karmada
Package
- Name
- github.com/karmada-io/karmada
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/karmada-io/karmada