Vulnerability Library

ID
Packages
Summary
Affected versions
Published
Fix
GHSA-h3m7-rqc4-7h9p
  • Go/github.com/authzed/spicedb
Integer overflow in chunking helper causes dispatching to miss elements or panic
  • See details.
2024-03-01T23:32:10Z Fix available
GO-2024-2554
  • Go/helm.sh/helm/v3
Path traversal in helm.sh/helm/v3
  • See details.
2024-02-29T17:17:45Z Fix available
GO-2022-0427
  • Go/github.com/swaggo/http-swagger
Unprotected file upload in github.com/swaggo/http-swagger
  • See details.
2024-02-29T15:38:09Z Fix available
GHSA-3g35-v53r-gpxc
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost race condition
  • See details.
2024-02-29T12:31:06Z Fix available
GHSA-hwjf-4667-gqwx
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost allows attackers access to posts in channels they are not a member of
  • See details.
2024-02-29T12:31:06Z Fix available
GHSA-r4fm-g65h-cr54
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost incorrectly allows access individual posts
  • See details.
2024-02-29T12:31:06Z Fix available
GHSA-vm9m-57jr-4pxh
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost fails to limit the number of role names
  • See details.
2024-02-29T12:31:06Z Fix available
GHSA-6mx3-9qfh-77gj
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost denial of service through long emoji value
  • See details.
2024-02-29T09:30:34Z Fix available
GHSA-7v3v-984v-h74r
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost leaks details of AD/LDAP groups of a teams
  • See details.
2024-02-29T09:30:34Z Fix available
GHSA-fx48-xv6q-6gp3
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost post fetching without auditing in compliance export
  • See details.
2024-02-29T09:30:34Z Fix available
GHSA-pfw6-5rx3-xh3c
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost fails to check the "invite_guest" permission
  • See details.
2024-02-29T09:30:34Z Fix available
GHSA-xgxj-j98c-59rv
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost fails to properly restrict the access of files attached to posts
  • See details.
2024-02-29T09:30:34Z Fix available
GHSA-49w7-5r33-jm9m
  • Go/github.com/swaggo/http-swagger
http-swagger XSS via PUT requests
  • See details.
2024-02-29T03:33:18Z Fix available
GHSA-6294-6rgp-fr7r
  • Go/github.com/dvsekhvalnov/jose2go
jose2go vulnerable to denial of service via large p2c value
  • See details.
2024-02-29T03:33:14Z Fix available
GHSA-555p-m4v6-cqxv
  • Go/github.com/cometbft/cometbft
ASA-2024-004: Default configuration param for Evidence may limit window of validity
  • See details.
2024-02-28T18:06:24Z No fix available
GHSA-86h5-xcpx-cfqc
  • Go/github.com/cosmos/cosmos-sdk
ASA-2024-005: Potential slashing evasion during re-delegation
  • See details.
2024-02-27T21:55:52Z Fix available