Vulnerability Library

ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-fcm2-6c3h-pg6j
  • Go/github.com/cri-o/cri-o
  • Go/github.com/cri-o/cri-o
  • Go/github.com/cri-o/cri-o
Node DoS by way of memory exhaustion through ExecSync request in CRI-O
  • 1.24.0
2022-06-15T18:40:05Z Fix available
GHSA-526x-rm7j-v389
  • Go/github.com/hashicorp/nomad
  • Go/github.com/hashicorp/nomad
  • Go/github.com/hashicorp/nomad
Privilege escalation in HashiCorp Nomad
  • See details.
2022-06-14T20:05:46Z Fix available
GHSA-2927-hv3p-f3vp
  • Go/github.com/caddyserver/caddy
  • Go/github.com/caddyserver/caddy/v2
Open redirect in Caddy
  • See details.
2022-06-14T20:01:41Z Fix available
GHSA-xwx5-5c9g-x68x
  • Go/istio.io/istio
  • Go/istio.io/istio
  • Go/istio.io/istio
Ill-formed headers may lead to unexpected behavior in Istio
  • See details.
2022-06-10T19:53:55Z Fix available
GHSA-x95h-979x-cf3j
  • PyPI/pybluemonday
  • Go/github.com/microcosm-cc/bluemonday
Policies not properly enforced in bluemonday
  • 0.0.1
  • 0.0.2
  • 0.0.3
  • 0.0.4
  • 0.0.5
  • 0.0.6
  • 0.0.7
2022-06-10T02:13:41.005897Z Fix available
GHSA-77rm-9x9h-xj3g
  • NuGet/Google.Protobuf
  • Packagist/google/protobuf
  • Maven/com.google.protobuf:protobuf-parent
  • Go/github.com/protocolbuffers/protobuf
  • PyPI/protobuf
NULL Pointer Dereference in Protocol Buffers
  • 0.0.1-test1
  • 3.0.0
  • 3.0.0-alpha4
  • 3.0.0-beta2
  • 3.0.0-beta3
  • 3.0.0-beta4
  • 3.1.0
  • ...
2022-06-10T02:10:13.237664Z Fix available
GHSA-9pg5-3pjc-f8wm
  • Go/github.com/gphper/ginadmin
Path traversal in ginadmin
  • See details.
2022-06-09T22:56:10Z No fix available
GHSA-5824-6jfv-xr3r
  • Go/github.com/gphper/ginadmin
Arbitrary file read in ginadmin
  • See details.
2022-06-09T22:55:49Z No fix available
GHSA-f7ff-xf87-f22q
  • Go/github.com/mindoc-org/mindoc
Arbitrary command execution in MinDoc
  • See details.
2022-06-09T22:54:48Z No fix available
GO-2022-0477
  • Go/crypto/rand
  • See details.
2022-06-09T01:43:37Z Fix available
GHSA-xq4v-vrp9-vcf2
  • Go/gogs.io/gogs
Cross-site Scripting vulnerability in repository issue list in Gogs
  • See details.
2022-06-08T22:24:25Z Fix available
GHSA-hj57-j5cw-2mwp
  • Go/github.com/coreos/ignition/v2
  • Go/github.com/coreos/ignition
Ignition config accessible to unprivileged software on VMware
  • See details.
2022-06-08T21:57:40Z Fix available
GHSA-fcgg-rvwg-jv58
  • Go/github.com/hashicorp/go-getter
  • Go/github.com/hashicorp/go-getter
Unsafe downloads in HashiCorp go-getter
  • See details.
2022-06-08T16:34:31Z Fix available
GHSA-cjr4-fv6c-f3mv
  • Go/github.com/hashicorp/go-getter
  • Go/github.com/hashicorp/go-getter
Unsafe downloads in HashiCorp go-getter
  • See details.
2022-06-08T16:33:12Z Fix available
GHSA-qwrf-gfpj-qvj6
  • Go/github.com/stripe/smokescreen
Smokescreen SSRF via deny list bypass (square brackets)
  • See details.
2022-06-08T16:30:51Z Fix available
GHSA-wjxw-gh3m-7pm5
  • Go/github.com/ethereum/go-ethereum
DoS via malicious p2p message in Go Ethereum
  • See details.
2022-06-07T14:30:11Z Fix available