GO-2024-3044
See a problem?- Source
- https://pkg.go.dev/vuln/GO-2024-3044
- Import Source
- https://vuln.go.dev/ID/GO-2024-3044.json
- JSON Data
- https://api.osv.dev/v1/vulns/GO-2024-3044
- Aliases
- Published
- 2024-08-06T22:40:50Z
- Modified
- 2024-08-06T23:12:05.392523Z
- Summary
- lorawan-stack Open Redirect vulnerability in go.thethings.network/lorawan-stack
- Details
-
lorawan-stack Open Redirect vulnerability in go.thethings.network/lorawan-stack
- References
-
- https://github.com/advisories/GHSA-5fwq-9x7j-2qpg
- https://nvd.nist.gov/vuln/detail/CVE-2023-26494
- https://securitylab.github.com/advisories/GHSL-2022-138_lorawan-stack
- https://github.com/TheThingsNetwork/lorawan-stack/blob/ecdef730f176c02f7c9afce98b0457ae64de5bfc/pkg/webui/account/views/login/index.js#L90-L90
- https://github.com/TheThingsNetwork/lorawan-stack/blob/ecdef730f176c02f7c9afce98b0457ae64de5bfc/pkg/webui/account/views/token-login/index.js#L74-L74
- https://github.com/TheThingsNetwork/lorawan-stack/commit/f06776028bdb3994847fc6067613dc61a2b3559e
- https://github.com/TheThingsNetwork/lorawan-stack/releases/tag/v3.24.1
- https://securitylab.github.com/advisories
Affected packages
Go / go.thethings.network/lorawan-stack
Package
- Name
- go.thethings.network/lorawan-stack
- View open source insights on deps.dev
- Purl
- pkg:golang/go.thethings.network/lorawan-stack
Go / go.thethings.network/lorawan-stack/v3
Package
- Name
- go.thethings.network/lorawan-stack/v3
- View open source insights on deps.dev
- Purl
- pkg:golang/go.thethings.network/lorawan-stack/v3