GHSA-qc6v-5g5m-8cw2
- Go/github.com/zitadel/zitadel-go/v3
ZITADEL Go's GRPC example code vulnerability - GO-2024-2687 HTTP/2 CONTINUATION flood in net/http
13 hours ago
GO-2024-2980
- Go/github.com/nats-io/nats-server
- Go/github.com/nats-io/nats-server/v2
- Go/github.com/nats-io/nats-streaming-server
NATS Server and Streaming Server fails to enforce negative user permissions, may allow denied subjects in github.com/nats-io/nats-server
3 days ago
GO-2024-2981
- Go/github.com/openclarity/kubeclarity/backend
SQL Injection in the KubeClarity REST API in github.com/openclarity/kubeclarity/backend
3 days ago
GO-2024-2982
- Go/github.com/hashicorp/vault
Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault
3 days ago
GHSA-5248-h45p-9pgw
- Go/github.com/openclarity/kubeclarity/backend
SQL Injection in the KubeClarity REST API
3 days ago
GHSA-2qmw-pvf7-4mw6
- Go/github.com/hashicorp/vault
Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions
4 days ago
GHSA-2h2x-8hh2-mfq8
- Go/github.com/nats-io/nats-server/v2
- Go/github.com/nats-io/nats-streaming-server
- Go/github.com/nats-io/nats-server
NATS Server and Streaming Server fails to enforce negative user permissions, may allow denied subjects
4 days ago
GO-2024-2979
- Go/zotregistry.dev/zot
- Go/zotregistry.io/zot
Cache driver GetBlob() allows read access to any blob without access control check in zotregistry.dev/zot
5 days ago
GHSA-q6hg-6m9x-5g9c
- Go/github.com/evmos/evmos/v18
Evmos vulnerable to exploit of smart contract account and vesting
5 days ago
GHSA-55r9-5mx9-qq7r
- Go/zotregistry.io/zot
- Go/zotregistry.dev/zot
Cache driver GetBlob() allows read access to any blob without access control check
6 days ago
GO-2024-2968
- Go/github.com/zitadel/zitadel
ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
6 days ago
GO-2024-2969
CVE-2024-39930 in github.com/gogs/gogs
6 days ago
GO-2024-2970
Gogs allows deletion of internal files in github.com/gogs/gogs
6 days ago
GO-2024-2971
Gogs allows argument injection during the previewing of changes in github.com/gogs/gogs
6 days ago
GO-2024-2972
Gogs allows argument injection during the tagging of a new release in github.com/gogs/gogs
6 days ago
GO-2024-2973
- Go/github.com/traefik/traefik
- Go/github.com/traefik/traefik/v2
- Go/github.com/traefik/traefik/v3
Bypassing IP allow-lists in traefik via HTTP/3 early data requests in QUIC 0-RTT handshakes in github.com/traefik/traefik
6 days ago
Go - OSV