Vulnerability Library

search
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-qq22-jj8x-4wwv
  • Go/github.com/pterodactyl/wings
 Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull
  • See details.
 2024-05-03T20:29:59Z Fix available
GHSA-gqmf-jqgv-v8fw
  • Go/github.com/pterodactyl/wings
 Pterodactyl Wings vulnerable to Arbitrary File Write/Read
  • See details.
 2024-05-03T20:28:10Z Fix available
GHSA-6fg2-hvj9-832f
  • Go/github.com/piraeusdatastore/piraeus-operator/v2
 piraeus-operator allows attacker to impersonate service account
  • See details.
 2024-05-03T18:30:36Z No fix available
GHSA-v84h-653v-4pq9
  • Go/github.com/jub0bs/fcors
 Some CORS middleware allow untrusted origins
  • See details.
 2024-05-03T17:34:21Z Fix available
GHSA-vhxv-fg4m-p2w8
  • Go/github.com/jub0bs/cors
 Some CORS middleware allow untrusted origins
  • See details.
 2024-05-03T17:34:17Z Fix available
GHSA-wccg-v638-j9q2
  • Go/github.com/karmada-io/karmada
 karmada vulnerable to arbitrary code execution via a crafted command
  • See details.
 2024-05-02T21:30:29Z No fix available
GHSA-4q63-mr2m-57hf
  • Go/kubevirt.io/kubevirt
 kubevirt allows a local attacker to execute arbitrary code via a crafted command
  • See details.
 2024-05-02T18:30:55Z No fix available
GHSA-q5qj-x2h5-3945
  • Go/github.com/zitadel/zitadel
 Zitadel exposing internal database user name and host information
  • See details.
 2024-05-01T16:36:04Z Fix available
GHSA-4jrx-5w4h-3gpm
  • Go/github.com/navidrome/navidrome
 Navidrome Parameter Tampering vulnerability
  • See details.
 2024-05-01T08:29:48Z Fix available
GHSA-2cgq-h8xw-2v5j
  • Go/github.com/cri-o/cri-o
 CRI-O vulnerable to an arbitrary systemd property injection
  • See details.
 2024-04-30T09:39:38Z Fix available
GO-2024-2744
  • Go/github.com/authelia/authelia/v4
 Access control change may take longer than expected in github.com/authelia/authelia/v4
  • See details.
 2024-04-26T20:05:56Z Fix available
GO-2024-2743
  • Go/github.com/apache/incubator-answer
 XSS vulnerability via personal website in github.com/apache/incubator-answer
  • See details.
 2024-04-26T20:05:51Z Fix available
GHSA-9m6p-x4h2-6frq
  • Go/github.com/argoproj/argo-cd/v2
 Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences
  • See details.
 2024-04-26T16:40:35Z Fix available
GHSA-5fh7-7mw7-mmx5
  • Go/github.com/mattermost/mattermost-server
 Mattermost allows team admins to promote guests to team admins
  • See details.
 2024-04-26T09:30:35Z Fix available
GHSA-5qx9-9ffj-5r8f
  • Go/github.com/mattermost/mattermost-server
 Mattermost fails to fully validate role changes
  • See details.
 2024-04-26T09:30:34Z Fix available
GHSA-8f99-g2pj-x8w3
  • Go/github.com/mattermost/mattermost-server
 Mattermost crashes web clients via a malformed custom status
  • See details.
 2024-04-26T09:30:34Z Fix available
Load more...