Vulnerability Library

ID
Packages
Summary
Published
Attributes
GHSA-4mh8-9689-38vr
  • Go/github.com/snapcore/snapd
snapd failed to restrict writes to the $HOME/bin path
yesterday
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-64jh-cjwc-w8q6
  • Go/github.com/snapcore/snapd
snapd failed to properly check the file type when extracting a snap
yesterday
  • Fix available
  • Severity - 5.8 (Medium)
GHSA-69p6-gp5x-j269
  • Go/github.com/snapcore/snapd
snapd failed to properly check the destination of symbolic links when extracting a snap
yesterday
  • Fix available
  • Severity - 4.8 (Medium)
GHSA-v8wx-v5jq-qhhw
  • Go/github.com/argoproj/argo-cd
The Argo CD web terminal session does not handle the revocation of user permissions properly
2 days ago
  • Fix available
  • Severity - 5.1 (Medium)
GO-2024-2993
  • Go/github.com/bishopfox/sliver
Sliver Allows Authenticated Operator-to-Server Remote Code Execution in github.com/bishopfox/sliver
4 days ago
  • No fix available
GO-2024-2994
  • Go/k8s.io/kubernetes
Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes
4 days ago
  • Fix available
GO-2024-2996
  • Go/github.com/gotenberg/gotenberg/v7
  • Go/github.com/gotenberg/gotenberg/v8
CVE-2024-21527 in github.com/gotenberg/gotenberg
4 days ago
  • Fix available
GO-2024-2997
  • Go/github.com/gitpod-io/gitpod
CVE-2024-21583 in github.com/gitpod-io/gitpod
4 days ago
  • No fix available
GO-2024-2984
  • Go/github.com/linkerd/linkerd2
Linkerd potential access to the shutdown endpoint in github.com/linkerd/linkerd2
4 days ago
  • Fix available
GO-2024-2987
  • Go/github.com/skupperproject/skupper
Skupper uses a static cookie secret for the openshift oauth-proxy in github.com/skupperproject/skupper
4 days ago
  • Fix available
GO-2024-2989
  • Go/github.com/projectdiscovery/nuclei
  • Go/github.com/projectdiscovery/nuclei/v2
  • Go/github.com/projectdiscovery/nuclei/v3
projectdiscovery/nuclei allows unsigned code template execution through workflows in github.com/projectdiscovery/nuclei
4 days ago
  • Fix available
GO-2024-2990
  • Go/github.com/1Panel-dev/1Panel
1Panel has an SQL injection issue related to the orderBy clause in github.com/1Panel-dev/1Panel
4 days ago
  • No fix available
GO-2024-2992
  • Go/github.com/1Panel-dev/1Panel
1Panel SQL injection in github.com/1Panel-dev/1Panel
4 days ago
  • Fix available
GHSA-jmvp-698c-4x3w
  • Go/github.com/argoproj/argo-cd
  • Go/github.com/argoproj/argo-cd/v2
Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint
4 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-x72p-g37q-4xr9
  • Go/github.com/drakkan/sftpgo/v2
SFTPGo's JWT implementation lacks certain security measures
4 days ago
  • No fix available
  • Severity - 7.1 (High)
GHSA-xw35-rrcp-g7xm
  • Go/go.woodpecker-ci.org/woodpecker/v2
  • Go/go.woodpecker-ci.org/woodpecker
Woodpecker's custom workspace allows overwriting plugin entrypoint executable
19 Jul
  • Fix available
  • Severity - 8.7 (High)