Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-r4pg-vg54-wxx4
  • Go/github.com/cert-manager/cert-manager
cert-manager has a potential slowdown / DoS when parsing specially crafted PEM inputs 9 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-9c5p-35gj-jqp4
  • Go/github.com/rancher/rancher
Rancher Helm Applications may have sensitive values leaked 11 hours ago
  • Fix available
  • Severity - 6.2 (Medium)
GHSA-7225-m954-23v7
  • Go/cosmossdk.io/math
ASA-2024-010: cosmossdk.io/math: Mismatched bit-length validation in sdk.Int and sdk.Dec can lead to panic 12 hours ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-j5hq-5jcr-xwx7
  • Go/github.com/rancher/steve
github.com/rancher/steve's users can issue watch commands for arbitrary resources 12 hours ago
  • Fix available
  • Severity - 7.7 (High)
GO-2024-3122
  • Go/github.com/consensys/gnark
gnark's Groth16 commitment extension unsound for more than one commitment in github.com/consensys/gnark 13 hours ago
  • Fix available
GO-2024-3140
  • Go/github.com/grafana/grafana-plugin-sdk-go
Grafana plugin SDK Information Leakage in github.com/grafana/grafana-plugin-sdk-go 13 hours ago
  • Fix available
GO-2024-3259
  • Go/github.com/cometbft/cometbft
CometBFT Vote Extensions: Panic when receiving a Pre-commit with invalid data in github.com/cometbft/cometbft 13 hours ago
  • Fix available
GO-2024-3265
  • Go/github.com/runatlantis/atlantis
Git credentials are exposed in Atlantis logs in github.com/runatlantis/atlantis 13 hours ago
  • Fix available
GHSA-hrxh-9w67-g4cv
  • Go/github.com/rclone/rclone
Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata yesterday
  • Fix available
  • Severity - 5.4 (Medium)
GO-2024-3267
  • Go/github.com/tobychui/zoraxy
Zoraxy has an authenticated command injection in the Web SSH feature in github.com/tobychui/zoraxy yesterday
  • Fix available
GO-2024-3269
  • Go/github.com/cli/cli
  • Go/github.com/cli/cli/v2
Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer in github.com/cli/cli yesterday
  • Fix available
GO-2024-3271
  • Go/github.com/rclone/rclone
Rclone Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata in github.com/rclone/rclone yesterday
  • Fix available
GO-2024-3272
  • Go/github.com/magma/magma
CVE-2024-24425 in github.com/magma/magma yesterday
  • No fix available
GO-2024-3273
  • Go/github.com/magma/magma
CVE-2024-24426 in github.com/magma/magma yesterday
  • No fix available
GO-2024-3274
  • Go/github.com/usememos/memos
Stored XSS using two files in usememos/memos in github.com/usememos/memos yesterday
  • Fix available
GO-2024-3275
  • Go/gogs.io/gogs
Unpatched Remote Code Execution in Gogs in gogs.io/gogs yesterday
  • No fix available