Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go Security Advisories

Loading...
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd4YzQtZjRtNi13d3F2
Excessive Platform Resource Consumption within a Loop in Kubernetes
Ecosystems: go
Packages: github.com/go-yaml/yaml, gopkg.in/yaml.v2
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFobTQtanh2Ny1qOXBx
Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS00MjQ4LXA2NXAtaGNybc4AA4LV
Insecure random string generator used for sensitive data
Ecosystems: go
Packages: github.com/cubefs/cubefs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS0zMmg3LTdqOTQtOGZjMs4AA5MM
Mattermost vulnerable to denial of service via large number of emoji reactions
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBmNTktajdjMi1yaDZ4
Exposure of Sensitive Information to an Unauthorized Actor and Insertion of Sensitive Information Into Sent Data in Calico
Ecosystems: go
Packages: github.com/projectcalico/calico
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS0zamdmLXI2OGgteGZxbc4AA7wZ
btcd susceptible to consensus failures
Ecosystems: go
Packages: github.com/btcsuite/btcd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
Moderate
GSA_kwCzR0hTQS03djRwLTMyOHYtOHY1Z84AA2fi
Traefik vulnerable to HTTP/2 request causing denial of service
Ecosystems: go
Packages: github.com/traefik/traefik
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmZnItYzkzMi1jcHh2
Cross-site Request Forgery (CSRF) in Cloud Native Computing Foundation Harbor
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpyMzQtbWZmOC1wYzZm
SQL Injection in Cloud Native Computing Foundation Harbor
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1qMnJwLWdtcXYtZnJods4AA6pX
HashiCorpVault does not correctly validate OCSP responses
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 21.5
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1mOGNoLXc3NXYtYzg0N84AA74N
1Panel arbitrary file write vulnerability
Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Moderate
GSA_kwCzR0hTQS1od2MzLTNxaDYtcjRnZ84AAydO
HashiCorp Vault's PKI mount vulnerable to denial of service
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS14ZmpqLWY2OTktcmM3Oc4AA70K
tiagorlampert CHAOS vulnerable to arbitrary code execution
Ecosystems: go
Packages: github.com/tiagorlampert/CHAOS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 days ago
Moderate
GSA_kwCzR0hTQS03aGZwLXFmdzMtNWp4aM4AAui3
Helm Vulnerable to denial of service through string value parsing
Ecosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 24.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1ycHZyLTM4eHYteHZ4cc4AA0zx
Nomad ACL Policies without Label are Applied to Unexpected Resources
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: 10 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdqcjYtcHJ2NC01d2Y1
Helm passes repository credentials to alternate domain
Ecosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1wNzgyLXhncDQtOGhyOM4AAs76
golang.org/x/sys/unix has Incorrect privilege reporting in syscall
Ecosystems: go
Packages: golang.org/x/sys
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13cDQzLXZwcmgtYzN3Nc4AA6qC
Mattermost fails to authenticate the source of certain types of post actions
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1oZ3Y2LXc3cjMtdzRxd84AAzhi
Kyverno vulnerable due to usage of insecure cipher
Ecosystems: go
Packages: github.com/kyverno/kyverno
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Moderate
GSA_kwCzR0hTQS12ZmdxLWc1eDgtZzU5Nc4AAyQg
Non-interactive Tailscale SSH sessions on FreeBSD may use the effective group ID of the tailscaled process
Ecosystems: go
Packages: tailscale.com
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1jeDk0LW1yZzktcnE0as4AArBC
Pion/DTLS contains buffer for inbound DTLS fragments with no limit
Ecosystems: go
Packages: github.com/pion/dtls/v2, github.com/pion/dtls
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13NDVqLWY4MzItaHh2aM4AArM9
Pion/DLTS Accepts Client Certificates Without CertificateVerify
Ecosystems: go
Packages: github.com/pion/dtls/v2, github.com/pion/dtls
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tY3c2LTMyNTYtNjRnZ84AA6qB
Mattermost Server doesn't limit the number of user preferences
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0cjctN3A2Mi1xM2Zy
miekg/dns insecurely generates random numbers
Ecosystems: go
Packages: github.com/miekg/dns
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1cDktajdjOS12NGdy
containers/image library Insufficiently Protects Credentials
Ecosystems: go
Packages: github.com/containers/image
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS02N3J2LXFwdzItNnFycs4AA6qo
Grafana: Users outside an organization can delete a snapshot with its key
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS02NDl4LWh4ZngtNTdqMs4AA73H
Vitess vulnerable to infinite memory consumption and vtgate crash
Ecosystems: go
Packages: vitess.io/vitess, github.com/vitessio/vitess
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 10 days ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoNzQtaG02OS1ycWp3
opencontainers runc contains procfs race condition with a shared volume mount
Ecosystems: go
Packages: github.com/opencontainers/runc
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS02N2Z4LXd4NzgtangzM84AAwWy
Helm vulnerable to denial of service through schema file
Ecosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1yaGg0LXJoN2MtN3I1ds4AA6r1
Archiver Path Traversal vulnerability
Ecosystems: go
Packages: github.com/mholt/archiver, github.com/mholt/archiver/v3
Source: GitHub Advisory Database
Blast Radius: 21.1
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1yMzR2LWdxbXctcXZnas4AAih2
Podman Symlink Vulnerability
Ecosystems: go
Packages: github.com/containers/podman/v4
Source: GitHub Advisory Database
Blast Radius: 10.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00Y3J3LXc4cHctMmhtZs4AAwOT
Buildah (as part of Podman) vulnerable to Link Following
Ecosystems: go
Packages: github.com/containers/podman/v4
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1jaDd2LTM3eGctNzVwaM4AAx7D
coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints
Ecosystems: go
Packages: github.com/coredns/coredns
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1oODI4LXY1cHYtMzNxeM4AAx6_
coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints
Ecosystems: go
Packages: github.com/coredns/coredns
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1qNDUzLWhtNXgtYzQ2d84AAwMu
Echo vulnerable to directory traversal
Ecosystems: go
Packages: github.com/labstack/echo/v4
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tNjU4LXAyNHgtcDc0cs0rEA
TLS certificate validation error in mellium.im/xmpp
Ecosystems: go
Packages: mellium.im/xmpp
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS05bTZwLXg0aDItNmZycc4AA7V4
Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 22 days ago
Moderate
GSA_kwCzR0hTQS14ajd2LWM4MnctOTJxMs4AAkND
Argo Exposure of Sensitive Information
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02M2N2LTRwYzItNGZjZs4AA3lw
Mattermost Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server/v6
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS04aDhwLXgyODktdnZxcs0pyQ
Gitea displaying raw OpenID error in UI
Ecosystems: go
Packages: github.com/go-gitea/gitea
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1nZ3A1LTI4eDQteGNqOc4AA6wX
Minder GetRepositoryByName data leak
Ecosystems: go
Packages: github.com/stacklok/minder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1meDZ4LWg5ZzQtNTZmOM4AAk1F
containernetworking/plugins vulnerable to MitM attacks
Ecosystems: go
Packages: github.com/containernetworking/plugins
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tcngzLWd4angtaGpxas4AA47t
Authentik vulnerable to PKCE downgrade attack
Ecosystems: go
Packages: goauthentik.io
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS1jcTJnLXB3NnEtaGY3as4AAwaq
Cortex's Alertmanager can expose local files content via specially crafted config
Ecosystems: go
Packages: github.com/cortexproject/cortex
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oM3EyLTh3aHgtYzI5aM4AA485
`goreleaser release --debug` shows secrets
Ecosystems: go
Packages: github.com/goreleaser/goreleaser
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS13Njd2LXBoNHgtZjQ4cc4AA6p_
Mattermost Server Improper Access Control
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS05cDI2LTY5OHItdzRoeM4AA4-t
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
Ecosystems: go
Packages: github.com/moby/buildkit
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS02ZzJxLXc1ajMtZndoNM4AA4-2
containerd environment variable leak
Ecosystems: go
Packages: github.com/containerd/containerd
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS12Z2gzLW13eHEtcmNwOM4AA4--
Hashicorp Vault may expose sensitive log information
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS1tdnByLXE2cmgtOHZycM4AAmcL
Grafana XSS via a query alias for the ElasticSearch datasource
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14NzQ0LW1tOHYtdnBncs4AA8Ew
Grafana Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS1najdtLTg1M3ItMjg5cs4AA8Ev
Grafana when using email as a username can block other users from signing in
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS0yeDZnLWgyaGctcnE4NM4AA8Eu
Grafana Email addresses and usernames can not be trusted
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS0zcDYyLTQyeDctZ3hnNc4AA8Et
Grafana User enumeration via forget password
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS1mZjVjLTkzOHctOGM5cc4AA8Eq
Grafana Escalation from admin to server admin when auth proxy is used
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS1qdjMyLTU1NzgtcHhqY84AA8Ep
Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS1yaHhqLWdoNDYtanZ3OM4AA8Eo
Grafana Plugin signature bypass
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS1tNXhmLXg3cTYtM3JtN84AAv8J
KubeVela VelaUX APIserver has SSRF vulnerability
Ecosystems: go
Packages: github.com/oam-dev/kubevela
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02M2czLTlqcTMtbWNjds4AA8Em
Grafana API IDOR
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS14YzNwLTI4aHctcTI0Z84AA8Ek
Grafana proxy Cross-site Scripting
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS03NTMzLWM4cXYtam05bc4AA8Ei
Grafana directory traversal for .cvs files
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS05NXByLWZ4ZjUtODZnds4AA67e
Cosign malicious artifacts can cause machine-wide DoS
Ecosystems: go
Packages: github.com/sigstore/cosign/v2, github.com/sigstore/cosign
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04OGp4LTM4M3EtdzRxY84AA67d
Cosign malicious attachments can cause system-wide denial of service
Ecosystems: go
Packages: github.com/sigstore/cosign/v2, github.com/sigstore/cosign
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS0zZnd4LXBqZ3ctMzU1OM4AA4-5
Moby (Docker Engine) Insufficiently restricted permissions on data directory
Ecosystems: go
Packages: github.com/docker/docker, github.com/moby/moby
Source: GitHub Advisory Database
Blast Radius: 27.2
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS00dzUzLTZqdnAtZ2c1Ms4AA8Ez
sshpiper's enabling of proxy protocol without proper feature flagging allows faking source address
Ecosystems: go
Packages: github.com/tg123/sshpiper
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS05N3JjLW1tNWotZjZyas4AAwnr
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qdnE4LXc3cXYtaHFwNs4AAwo-
usememos/memos Improper Authentication vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xY2Y1LW0yYzYtODlmMs4AAwo_
usememos/memos Improper Authorization vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02bThyLWpoODktcnE3aM4AAnvU
Rancher Cross-site Scripting Vulnerability
Ecosystems: go
Packages: github.com/rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jNWhxLTM1aDctcjl4NM4AAwqA
usememos/memos Cross-Site Request Forgery vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1nZmo0LXdnODktbTIycs4AAwo7
usememos/memos Improper Access Control vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xanFnLTR3ZzctOTU3aM4AA8FL
azure-file-csi-driver leaks service account tokens in the logs
Ecosystems: go
Packages: sigs.k8s.io/azurefile-csi-driver
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS02d2hqLThnOWctNWp2eM4AAwqm
usememos/memos vulnerable to Improper Handling of Insufficient Permissions or Privileges
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00ajkzLWZtOTItcnA0bc4AA5Zy
ASA-2024-003: Missing `BlockedAddressed` Validation in Vesting Module
Ecosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS02anZjLXEyeDctcGNods4AAwom
AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
Ecosystems: go
Packages: github.com/aws/aws-sdk-go
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS12NDJmLWhxNzgtOGM1bc4AAwBK
Denial of service in Mattermost
Ecosystems: go
Packages: github.com/mattermost/mattermost-server
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1mNm1tLTVmYzctM2czY84AA8GD
goreleaser shows environment by default
Ecosystems: go
Packages: github.com/goreleaser/goreleaser
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS12NTU0LXh3Z3ctaGMzd84AA8GA
source-controller leaks Azure Storage SAS token into logs
Ecosystems: go
Packages: github.com/fluxcd/source-controller
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS02Y3dtLXdtODItaGdyd84AAoHD
MongoDB Tools Improper Certificate Validation vulnerability
Ecosystems: go
Packages: github.com/mongodb/mongo-tools
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12NTNnLTVnanAtMjcycs4AA5Uj
Helm dependency management path traversal
Ecosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1jNXdjLXYyODctODJwY84AAgYl
HashiCorp Vault improper configuration of multi factor authentication
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1nOXF4LTI1dmotcmY1M84AA69T
Apache Solr Operator liveness and readiness probes may leak basic auth credentials
Ecosystems: go
Packages: github.com/apache/solr-operator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1qMmgyLWN2d2gtY3I2NM4AAlGB
Mattermost Server Sensitive Data Exposure
Ecosystems: go
Packages: github.com/mattermost/mattermost
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yOTY5LTc4M2YtNmpxcs4AA5Wp
Improper Neutralization of HTTP Headers in github.com/greenpau/caddy-security
Ecosystems: go
Packages: github.com/greenpau/caddy-security
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS04aHAzLXJtcjcteGg4OM4AA5Wv
Open Redirect in github.com/greenpau/caddy-security
Ecosystems: go
Packages: github.com/greenpau/caddy-security
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS04aDk1LWpjcDUtcGpwcs4AA5Wt
Improper Validation of Array Index in github.com/greenpau/caddy-security
Ecosystems: go
Packages: github.com/greenpau/caddy-security
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1jN3ZmLW0zOTQtbTR4NM4AA5Wn
Use of Insufficiently Random Values in github.com/greenpau/caddy-security
Ecosystems: go
Packages: github.com/greenpau/caddy-security
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS03NDk2LWZndjkteHc4Ms4AA5Zq
Unencrypted ingress/health traffic when using Wireguard transparent encryption
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS0zOTJoLXI0NmotcTI0cM4AA3Ym
OwnCast remote code execution vulnerability
Ecosystems: go
Packages: github.com/owncast/owncast
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1tbXg1LTMybTQtd3h2eM4AA04G
Ineffective privileges drop when requesting container network
Ecosystems: go
Packages: github.com/apptainer/apptainer
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS1mOTloLXczMzctbXY1Ns4AA0pu
iprange may panic when parsing ranges with invalid masks
Ecosystems: go
Packages: github.com/malfunkt/iprange
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS1xeDM0LTQ3ZmMtdnY3Oc4AAxfC
Answer vulnerable to Race Condition
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0ydzh3LXFoZzQtZjc4as4AA0mz
A stored XSS in jaeger UI might allow an attacker who controls a trace to perform arbitrary jaeger queries
Ecosystems: go
Packages: github.com/jaegertracing/jaeger
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS1tNXByLXdtNnEteDRnMs4AAwpL
usememos/memos vulnerable to Comparison of Object References Instead of Object Contents
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03djNnLTQ4NzgtNXFyZs4AAvRN
Nomad Panics On Job Submission With Bad Artifact Stanza Source URL
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qd3ZyLXZ2N3AtZ3B3cc3XnQ
Privilege escalation for users with create/update permissions in Global Roles in Rancher
Ecosystems: go
Packages: github.com/rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1qMmNyLWpjMzktd3B4Nc4AA0fr
Barberry Security Advisory - regarding x/auth periodic vesting accounts
Ecosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS1oajkzLTVmZzMtM2Nocs0uhw
HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers
Ecosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1tdmozLXFycWgtY2p2cs4AA0ON
CometBFT PeerState JSON serialization deadlock
Ecosystems: go
Packages: github.com/cometbft/cometbft
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS1jNTdjLTdocmotNnE2ds4AAznc
Hashicorp Consul vulnerable to denial of service
Ecosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: 12 months ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 547
Ecosystems: 12
Filter by Severity
Moderate 8,161 High 6,452 Critical 2,849 Low 1,017
Filter by Ecosystem
maven 5,573 packagist 4,003 pypi 3,848 npm 3,557 go 1,935 nuget 1,421 rubygems 815 cargo 780 swift 31 hex 30 actions 16 pub 8
Filter by Package
github.com/usememos/memos 59 github.com/grafana/grafana 44 github.com/mattermost/mattermost/server/v8 38 github.com/mattermost/mattermost-server/v6 37 github.com/answerdev/answer 34 k8s.io/kubernetes 32 github.com/argoproj/argo-cd 29 github.com/rancher/rancher 28 github.com/hashicorp/vault 28 github.com/hashicorp/consul 26 github.com/hashicorp/nomad 26 gogs.io/gogs 24 github.com/argoproj/argo-cd/v2 23 github.com/cilium/cilium 20 github.com/docker/docker 20 github.com/ethereum/go-ethereum 20 code.gitea.io/gitea 19 helm.sh/helm/v3 18 golang.org/x/net 17 github.com/goharbor/harbor 15 github.com/containerd/containerd 14 github.com/nats-io/nats-server/v2 13 github.com/traefik/traefik/v2 13 github.com/mattermost/mattermost-server 13 github.com/opencontainers/runc 12 github.com/moby/moby 12 github.com/go-gitea/gitea 12 github.com/1Panel-dev/1Panel 11 github.com/cloudflare/cfrpki 11 github.com/openfga/openfga 11 github.com/zitadel/zitadel 11 github.com/greenpau/caddy-security 10 github.com/cosmos/cosmos-sdk 9 github.com/sylabs/singularity 9 github.com/cri-o/cri-o 9 github.com/kubernetes/kubernetes 9 golang.org/x/crypto 9 istio.io/istio 8 github.com/kubeedge/kubeedge 8 github.com/pterodactyl/wings 8 go.etcd.io/etcd 8 github.com/containers/podman/v4 8 github.com/pomerium/pomerium 8 github.com/google/fscrypt 7 k8s.io/ingress-nginx 7 github.com/traefik/traefik 7 github.com/nats-io/jwt 7 github.com/beego/beego 7 github.com/hashicorp/go-getter 7 helm.sh/helm 7 github.com/russellhaering/gosaml2 6 github.com/gravitl/netmaker 6 github.com/pion/dtls 6 github.com/russellhaering/goxmldsig 6 github.com/apache/trafficcontrol 6 github.com/sigstore/cosign 6 github.com/hyperledger/fabric 6 github.com/authzed/spicedb 6 github.com/fluxcd/flux2 6 github.com/treeverse/lakefs 6 github.com/cubefs/cubefs 6 github.com/beego/beego/v2 6 kubevirt.io/kubevirt 6 github.com/schollz/croc/v9 5 github.com/hashicorp/go-getter/v2 5 github.com/mattermost/mattermost-server/v5 5 github.com/foxcpp/maddy 5 go.etcd.io/etcd/v3 5 github.com/tendermint/tendermint 5 github.com/kyverno/kyverno 5 github.com/kiali/kiali 5 github.com/cometbft/cometbft 5 github.com/stacklok/minder 5 github.com/moby/buildkit 5 github.com/traefik/traefik/v3 5 github.com/gofiber/fiber/v2 5 github.com/fluxcd/kustomize-controller 5 github.com/ipfs/go-ipfs 5 github.com/apache/incubator-answer 5 github.com/IBAX-io/go-ibax 5 github.com/KubeOperator/kubepi 5 github.com/containers/buildah 5 github.com/0xJacky/Nginx-UI 5 github.com/pion/dtls/v2 5 github.com/gophish/gophish 5 github.com/arduino/arduino-create-agent 4 github.com/crewjam/saml 4 github.com/free5gc/free5gc 4 golang.org/x/net/http2 4 github.com/dexidp/dex 4 github.com/dhowden/tag 4 github.com/ory/fosite 4 github.com/alist-org/alist/v3 4 github.com/concourse/concourse 4 github.com/containers/podman/v3 4 github.com/git-lfs/git-lfs 4 github.com/oauth2-proxy/oauth2-proxy 4 github.com/casdoor/casdoor 4 github.com/argoproj/argo-workflows/v3 4 github.com/tidwall/gjson 4 github.com/aws/aws-sdk-go 4 github.com/coredns/coredns 4 github.com/open-policy-agent/opa 4 github.com/hashicorp/go-getter/gcs/v2 4 github.com/hashicorp/go-getter/s3/v2 4 github.com/lestrrat-go/jwx 4 github.com/lestrrat-go/jwx/v2 4 github.com/IceWhaleTech/CasaOS-UserService 4 github.com/gin-gonic/gin 4 github.com/docker/distribution 3 github.com/apache/servicecomb-service-center 3 github.com/hashicorp/vault/vault 3 github.com/quic-go/quic-go 3 gopkg.in/yaml.v2 3 github.com/tiagorlampert/CHAOS 3 k8s.io/client-go 3 github.com/syncthing/syncthing 3 github.com/crossplane/crossplane 3 github.com/flyteorg/flyteadmin 3 github.com/openshift/origin 3 github.com/ory/oathkeeper 3 github.com/ElrondNetwork/elrond-go 3 github.com/lightningnetwork/lnd 3 github.com/libp2p/go-libp2p 3 github.com/cheqd/cheqd-node 3 github.com/minio/minio 3 go.etcd.io/etcd/client/v3 3 github.com/sigstore/cosign/v2 3 github.com/fluxcd/helm-controller 3 golang.org/x/text 3 github.com/nats-io/jwt/v2 3 github.com/navidrome/navidrome 3 github.com/crypto-org-chain/cronos 3 github.com/owncast/owncast 3 github.com/heketi/heketi 3 github.com/mholt/archiver 3 vitess.io/vitess 3 github.com/consensys/gnark 3 github.com/projectcalico/calico 3 github.com/notaryproject/notation 3 github.com/miekg/dns 3 github.com/tharsis/evmos 3 github.com/dutchcoders/transfer.sh 3 github.com/edgelesssys/constellation/v2 3 github.com/weaveworks/weave-gitops 3 github.com/caddyserver/caddy 3 github.com/authelia/authelia/v4 3 github.com/phachon/mm-wiki 3 github.com/cortexproject/cortex 3 github.com/square/go-jose 3 github.com/go-vela/server 3 github.com/jackc/pgx/v4 3 github.com/artifacthub/hub 3 github.com/hashicorp/boundary 3 golang.org/x/image 3 github.com/buildkite/elastic-ci-stack-for-aws/v6 2 Google.Protobuf 2 google/protobuf 2 github.com/protocolbuffers/protobuf 2 github.com/gphper/ginadmin 2 github.com/sigstore/rekor 2 github.com/woodpecker-ci/woodpecker 2 github.com/projectcapsule/capsule-proxy 2 github.com/theupdateframework/go-tuf 2 google.golang.org/grpc 2 github.com/karmada-io/karmada 2 github.com/go-git/go-git/v5 2 protobuf 2 github.com/ansible-semaphore/semaphore 2 github.com/siderolabs/talos 2 github.com/go-yaml/yaml 2 github.com/clastix/capsule-proxy 2 github.com/etcd-io/etcd 2 github.com/openshift/apiserver-library-go 2 github.com/mattermost/mattermost-plugin-jira 2 github.com/edgexfoundry/app-functions-sdk-go/v2 2 github.com/bytebase/bytebase 2 gopkg.in/src-d/go-git.v4 2 github.com/u-root/u-root 2 github.com/apptainer/apptainer 2 github.com/multiversx/mx-chain-go 2 github.com/labring/sealos 2 github.com/jaegertracing/jaeger 2 rancher/rancher 2 github.com/influxdata/influxdb 2 github.com/imgproxy/imgproxy/v3 2 k8s.io/apimachinery 2 github.com/minio/console 2 github.com/dvsekhvalnov/jose2go 2 mellium.im/xmpp 2 github.com/google/exposure-notifications-verification-server 2 github.com/prometheus/prometheus 2 github.com/talos-systems/talos 2 github.com/pingcap/tidb 2 github.com/microcosm-cc/bluemonday 2 github.com/sap/cloud-security-client-go 2 github.com/hashicorp/terraform 2 github.com/argoproj/argo-events 2 github.com/bitly/oauth2_proxy 2 github.com/flipped-aurora/gin-vue-admin/server 2
Filter by Repository
https://github.com/usememos/memos 59 https://github.com/kubernetes/kubernetes 49 https://github.com/grafana/grafana 37 https://github.com/argoproj/argo-cd 37 https://github.com/answerdev/answer 34 https://github.com/go-gitea/gitea 31 https://github.com/rancher/rancher 25 https://github.com/gogs/gogs 20 https://github.com/cilium/cilium 20 https://github.com/helm/helm 19 https://github.com/hashicorp/consul 19 https://github.com/hashicorp/vault 16 https://github.com/ethereum/go-ethereum 16 https://github.com/etcd-io/etcd 16 https://github.com/goharbor/harbor 15 https://github.com/moby/moby 14 https://github.com/mattermost/mattermost 14 https://github.com/containerd/containerd 14 https://github.com/hashicorp/nomad 13 https://github.com/traefik/traefik 13 https://github.com/golang/go 13 https://github.com/cloudflare/cfrpki 11 https://github.com/nats-io/nats-server 11 https://github.com/zitadel/zitadel 11 https://github.com/opencontainers/runc 11 https://github.com/openfga/openfga 11 https://github.com/containers/podman 11 https://github.com/1Panel-dev/1Panel 11 https://github.com/greenpau/caddy-security 10 https://github.com/cosmos/cosmos-sdk 9 https://github.com/cri-o/cri-o 9 https://github.com/istio/istio 8 https://github.com/kubeedge/kubeedge 8 https://github.com/docker/docker 8 https://github.com/pterodactyl/wings 8 https://github.com/pomerium/pomerium 8 https://github.com/hpcng/singularity 7 https://github.com/beego/beego 7 https://github.com/hashicorp/go-getter 7 https://github.com/kubernetes/ingress-nginx 7 https://github.com/google/fscrypt 7 https://github.com/schollz/croc 6 https://github.com/moby/buildkit 6 https://github.com/cubefs/cubefs 6 https://github.com/fluxcd/flux2 6 https://github.com/hyperledger/fabric 6 https://github.com/containers/buildah 6 https://github.com/treeverse/lakeFS 6 https://github.com/authzed/spicedb 6 https://github.com/gravitl/netmaker 6 https://github.com/pion/dtls 6 https://github.com/sigstore/cosign 6 https://github.com/russellhaering/gosaml2 5 https://github.com/stacklok/minder 5 https://github.com/kyverno/kyverno 5 https://github.com/ipfs/go-ipfs 5 https://github.com/IBAX-io/go-ibax 5 https://github.com/gophish/gophish 5 https://github.com/gofiber/fiber 5 https://github.com/free5gc/free5gc 5 https://github.com/foxcpp/maddy 5 https://github.com/crewjam/saml 5 https://github.com/cometbft/cometbft 5 https://github.com/argoproj/argo-workflows 5 https://github.com/0xJacky/nginx-ui 5 https://github.com/tendermint/tendermint 5 https://github.com/open-policy-agent/opa 4 https://github.com/arduino/arduino-create-agent 4 https://github.com/grafana/bugbounty 4 https://github.com/dhowden/tag 4 https://github.com/dexidp/dex 4 https://github.com/tidwall/gjson 4 https://github.com/siderolabs/talos 4 https://github.com/containous/traefik 4 https://github.com/gin-gonic/gin 4 https://github.com/lestrrat-go/jwx 4 https://github.com/git-lfs/git-lfs 4 https://github.com/IceWhaleTech/CasaOS-UserService 4 https://github.com/oauth2-proxy/oauth2-proxy 4 https://github.com/concourse/concourse 4 https://github.com/kubevirt/kubevirt 4 https://github.com/aws/aws-sdk-go 4 https://github.com/nats-io/jwt 4 https://github.com/ory/fosite 4 https://github.com/casdoor/casdoor 4 https://github.com/tailscale/tailscale 3 https://github.com/ipfs/boxo 3 https://github.com/quic-go/quic-go 3 https://github.com/edgelesssys/constellation 3 https://github.com/coredns/coredns 3 https://github.com/dutchcoders/transfer.sh 3 https://github.com/ElrondNetwork/elrond-go 3 https://github.com/cortexproject/cortex 3 https://github.com/cheqd/cheqd-node 3 https://github.com/kiali/kiali 3 https://github.com/libp2p/go-libp2p 3 https://github.com/openshift/origin 3 https://github.com/KubeOperator/KubePi 3 https://github.com/weaveworks/weave-gitops 3 https://github.com/phachon/mm-wiki 3 https://github.com/crossplane/crossplane 3 https://github.com/kubernetes-sigs/secrets-store-csi-driver 3 https://github.com/caddyserver/caddy 3 https://github.com/open-telemetry/opentelemetry-go-contrib 3 https://github.com/vitessio/vitess 3 https://github.com/go-vela/server 3 https://github.com/flyteorg/flyteadmin 3 https://github.com/syncthing/syncthing 3 https://github.com/go-yaml/yaml 3 https://github.com/apache/trafficcontrol 3 https://github.com/minio/minio 3 https://github.com/moby/libnetwork 3 https://github.com/flipped-aurora/gin-vue-admin 3 https://github.com/sylabs/singularity 3 https://github.com/alist-org/alist 3 https://github.com/navidrome/navidrome 3 https://github.com/evmos/evmos 3 https://github.com/Consensys/gnark 3 https://github.com/tiagorlampert/CHAOS 3 https://github.com/gogits/gogs 3 https://github.com/artifacthub/hub 3 https://github.com/heketi/heketi 3 https://github.com/u-root/u-root 3 https://github.com/square/go-jose 3 https://github.com/authelia/authelia 3 https://github.com/ory/oathkeeper 3 https://github.com/Consensys/gnark-crypto 2 https://github.com/cosmos/ethermint 2 https://github.com/codenotary/immudb 2 https://github.com/multiversx/mx-chain-go 2 https://github.com/minio/console 2 https://github.com/miekg/dns 2 https://github.com/microcosm-cc/bluemonday 2 https://github.com/lightningnetwork/lnd 2 https://github.com/coreos/etcd 2 https://github.com/mholt/archiver 2 https://github.com/Masterminds/goutils 2 https://github.com/containers/image 2 https://github.com/mattermost/mattermost-plugin-jira 2 https://github.com/woodpecker-ci/woodpecker 2 https://github.com/containers/libpod 2 https://github.com/mellium/xmpp 2 https://github.com/heroiclabs/nakama 2 https://github.com/envoyproxy/envoy 2 https://github.com/hashicorp/terraform 2 https://github.com/facebook/fbthrift 2 https://github.com/fkie-cad/yapscan 2 https://github.com/fleetdm/fleet 2 https://github.com/fluid-cloudnative/fluid 2 https://github.com/gphper/ginadmin 2 https://github.com/flynn/noise 2 https://github.com/gotify/server 2 https://github.com/goreleaser/goreleaser 2 https://github.com/ulikunitz/xz 2 https://github.com/unknwon/cae 2 https://github.com/google/exposure-notifications-verification-server 2 https://github.com/go-git/go-git 2 https://github.com/golang/crypto 2 https://github.com/go-jose/go-jose 2 https://github.com/gohugoio/hugo 2 https://github.com/labstack/echo 2 https://github.com/labring/sealos 2 https://github.com/temporalio/temporal 2 https://github.com/crypto-org-chain/cronos 2 https://github.com/kitabisa/teler-waf 2 https://github.com/kitabisa/teler 2 https://github.com/distribution/distribution 2 https://github.com/drakkan/sftpgo 2 https://github.com/jackc/pgproto3 2 https://github.com/ipld/go-codec-dagpb 2 https://github.com/dvsekhvalnov/jose2go 2 https://github.com/ecnepsnai/web 2 https://github.com/edgelesssys/marblerun 2 https://github.com/influxdata/influxdb 2 https://github.com/imgproxy/imgproxy 2 https://github.com/IceWhaleTech/CasaOS 2 https://github.com/elastic/beats 2 https://github.com/theupdateframework/go-tuf 2 https://github.com/cloudflare/circl 2 https://github.com/bottlerocket-os/bottlerocket 2 https://github.com/opencontainers/distribution-spec 2 https://github.com/rancher/wrangler 2 https://github.com/projectcapsule/capsule-proxy 2 https://github.com/sigstore/rekor 2 https://github.com/atredispartners/advisories 2 https://github.com/swaggo/http-swagger 2 https://github.com/openshift/apiserver-library-go 2 https://github.com/brokercap/Bifrost 2 https://github.com/stripe/smokescreen 2 https://github.com/argoproj/argo-events 2 https://github.com/zalando/skipper 2 https://github.com/owncast/owncast 2 https://github.com/russellhaering/goxmldsig 2 https://github.com/buger/jsonparser 2 https://github.com/peterzen/goresolver 2 https://github.com/pingcap/tidb 2 https://github.com/supranational/blst 2 https://github.com/apptainer/apptainer 2 https://github.com/pires/go-proxyproto 2