Vulnerability Library

ID
Packages
Summary
Published
Attributes
GHSA-qc6v-5g5m-8cw2
  • Go/github.com/zitadel/zitadel-go/v3
ZITADEL Go's GRPC example code vulnerability - GO-2024-2687 HTTP/2 CONTINUATION flood in net/http 13 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
GO-2024-2980
  • Go/github.com/nats-io/nats-server
  • Go/github.com/nats-io/nats-server/v2
  • Go/github.com/nats-io/nats-streaming-server
NATS Server and Streaming Server fails to enforce negative user permissions, may allow denied subjects in github.com/nats-io/nats-server 3 days ago
  • Fix available
GO-2024-2981
  • Go/github.com/openclarity/kubeclarity/backend
SQL Injection in the KubeClarity REST API in github.com/openclarity/kubeclarity/backend 3 days ago
  • Fix available
GO-2024-2982
  • Go/github.com/hashicorp/vault
Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault 3 days ago
  • Fix available
GHSA-5248-h45p-9pgw
  • Go/github.com/openclarity/kubeclarity/backend
SQL Injection in the KubeClarity REST API 3 days ago
  • Fix available
  • Severity - 7.1 (High)
GHSA-2qmw-pvf7-4mw6
  • Go/github.com/hashicorp/vault
Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions 4 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-2h2x-8hh2-mfq8
  • Go/github.com/nats-io/nats-server/v2
  • Go/github.com/nats-io/nats-streaming-server
  • Go/github.com/nats-io/nats-server
NATS Server and Streaming Server fails to enforce negative user permissions, may allow denied subjects 4 days ago
  • Fix available
  • Severity - 7.1 (High)
GO-2024-2979
  • Go/zotregistry.dev/zot
  • Go/zotregistry.io/zot
Cache driver GetBlob() allows read access to any blob without access control check in zotregistry.dev/zot 5 days ago
  • No fix available
GHSA-q6hg-6m9x-5g9c
  • Go/github.com/evmos/evmos/v18
Evmos vulnerable to exploit of smart contract account and vesting 5 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-55r9-5mx9-qq7r
  • Go/zotregistry.io/zot
  • Go/zotregistry.dev/zot
Cache driver GetBlob() allows read access to any blob without access control check 6 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GO-2024-2968
  • Go/github.com/zitadel/zitadel
ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel 6 days ago
  • No fix available
GO-2024-2969
  • Go/github.com/gogs/gogs
CVE-2024-39930 in github.com/gogs/gogs 6 days ago
  • No fix available
GO-2024-2970
  • Go/github.com/gogs/gogs
Gogs allows deletion of internal files in github.com/gogs/gogs 6 days ago
  • No fix available
GO-2024-2971
  • Go/github.com/gogs/gogs
Gogs allows argument injection during the previewing of changes in github.com/gogs/gogs 6 days ago
  • No fix available
GO-2024-2972
  • Go/github.com/gogs/gogs
Gogs allows argument injection during the tagging of a new release in github.com/gogs/gogs 6 days ago
  • No fix available
GO-2024-2973
  • Go/github.com/traefik/traefik
  • Go/github.com/traefik/traefik/v2
  • Go/github.com/traefik/traefik/v3
Bypassing IP allow-lists in traefik via HTTP/3 early data requests in QUIC 0-RTT handshakes in github.com/traefik/traefik 6 days ago
  • Fix available