Vulnerability Library

ID
Packages
Summary
Affected versions
Last modified
Fix
GO-2020-0009
  • Go/github.com/square/go-jose
  • See details.
2022-10-05T15:18:19Z Fix available
GO-2021-0051
  • Go/github.com/labstack/echo/v4
  • See details.
2022-10-05T15:18:19Z Fix available
GHSA-2w6m-q946-399r
  • Go/github.com/dapr/dashboard
Dapr Dashboard vulnerable to Incorrect Access Control
  • See details.
2022-10-04T21:59:06Z No fix available
GHSA-5rc4-v5mj-g8c4
  • Go/github.com/bytebase/bytebase
Bytebase does not restrict low privilege user to access admin issues
  • See details.
2022-10-04T21:42:30Z No fix available
GHSA-pwq7-f7f9-cm2j
  • Go/github.com/dutchcoders/transfer.sh
Dutchoders transfer.sh contains an XSS vulnerability via malicious file upload
  • See details.
2022-10-04T15:28:51Z No fix available
GHSA-vh7g-p26c-j2cw
  • Go/github.com/dexidp/dex
Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code
  • See details.
2022-10-03T19:12:03Z Fix available
GHSA-9rpw-2h95-666c
  • Go/github.com/cloudflare/goflow/v3/decoders/sflow
Cloudflare GoFlow vulnerable to a Denial of Service in the sflow packet handling package
  • See details.
2022-10-01T15:52:23Z Fix available
GHSA-c9qr-f6c8-rgxf
  • Go/https://pkg.go.dev/github.com/cloudwego/hertz
Hertz contains path traversal via normalizePath function
  • See details.
2022-09-30T23:07:07Z Fix available
GHSA-crxj-hrmp-4rwf
  • Go/github.com/labstack/echo/v4
Labstack Echo Open Redirect vulnerability
  • See details.
2022-09-30T06:31:20Z Fix available
GO-2022-1026
  • Go/github.com/peterzen/goresolver
  • See details.
2022-09-29T17:25:07Z No fix available
GO-2022-0979
  • Go/github.com/peterzen/goresolver
  • See details.
2022-09-29T17:25:00Z No fix available
GHSA-m69r-9g56-7mv8
  • Go/github.com/hashicorp/consul
  • Go/github.com/hashicorp/consul
  • Go/github.com/hashicorp/consul
HashiCorp Consul vulnerable to authorization bypass
  • See details.
2022-09-29T14:39:58Z Fix available
GHSA-m7w4-q5vg-5xfp
  • Go/https://pkg.go.dev/github.com/mattermost/mattermost-server/v6
Mattermost subject to Denial of Service via upload of special GIF
  • See details.
2022-09-28T14:14:03Z Fix available
GHSA-9w7j-q3xw-p9vh
  • Go/github.com/hyperledger/fabric
Hyperledger Fabric subject to Denial of Service via non-validated request
  • See details.
2022-09-28T14:12:31Z Fix available
GHSA-p6fh-xc6r-g5hw
  • Go/github.com/brokercap/Bifrost
Brokercap Bifrost subject to authentication bypass when using HTTP basic authentication
  • See details.
2022-09-27T15:45:09Z Fix available
GHSA-6xf3-5hp7-xqqg
  • Go/github.com/gravitational/teleport
  • Go/github.com/gravitational/teleport
  • Go/github.com/gravitational/teleport
Improper token validation leading to code execution in Teleport
  • See details.
2022-09-27T08:28:17Z Fix available