Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go Security Advisories

Loading...
Critical
GSA_kwCzR0hTQS0zM202LXE5djUtNjJyN84AA6Xq
Predictable SIF UUID Identifiers
Ecosystems: go
Packages: github.com/apptainer/sif, github.com/satori/go.uuid
Source: GitHub Advisory Database
Blast Radius: 46.3
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1od2o3LWZyZ2otNzgyOc4AAyM1
Answer vulnerable to Authentication Bypass by Capture-replay
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS03ZnhqLWZyM3Ytcjlnas4AAvtj
TiDB vulnerable to Use of Externally-Controlled Format String
Ecosystems: go
Packages: github.com/pingcap/tidb
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: over 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmOHItNHF3bS1yN2pm
Improper Authentication in Apache Traffic Control
Ecosystems: go
Packages: github.com/apache/trafficcontrol
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS01N2dnLWNqNTUtcTVnMs4AArAN
Token leases could outlive their TTL in HashiCorp Vault
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jcnhqLWhybXAtNHJ3Zs4AAvG8
Labstack Echo Open Redirect vulnerability
Ecosystems: go
Packages: github.com/labstack/echo/v4
Source: GitHub Advisory Database
Blast Radius: 41.3
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS12ZnJqLWZ2NnAtM2NwZs4AAzpG
Brook's tproxy server is vulnerable to a drive-by command injection.
Ecosystems: go
Packages: github.com/txthinking/brook
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 11 months ago
Critical
GSA_kwCzR0hTQS02NnA4LWo0NTktcnE2M84AAxiH
Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following resulting in deletion of files and directories on the host system
Ecosystems: go
Packages: github.com/pterodactyl/wings
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS05NHc5LTk3cDMtcDM2OM4AA2gP
CSRF Token Reuse Vulnerability
Ecosystems: go
Packages: github.com/gofiber/fiber/v2
Source: GitHub Advisory Database
Blast Radius: 35.7
Published: 7 months ago
Critical
GSA_kwCzR0hTQS12cXA2LXJjM2gtODNjcM4AAv_L
Tailscale Windows daemon is vulnerable to RCE via CSRF
Ecosystems: go
Packages: tailscale.com
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1mbWc0LXg4cHctaGpoZ84AA5dK
Fiber has Insecure CORS Configuration, Allowing Wildcard Origin with Credentials
Ecosystems: go
Packages: github.com/gofiber/fiber/v2
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1tcHYzLWc4bTMtM2ZqY84AA0AQ
Grafana vulnerable to Authentication Bypass by Spoofing
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS00bXEyLWdjNGotY213Ns4AA4Y6
Django Template Engine Vulnerable to XSS
Ecosystems: go
Packages: github.com/gofiber/template/django/v3
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: 4 months ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05aHAtN3I5OS05NGg1
Critical security issues in XML encoding in github.com/dexidp/dex
Ecosystems: go
Packages: github.com/russellhaering/goxmldsig, github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE2Y2otNmp2cS1qd21o
Privilege Escalation in Cloud Native Computing Foundation Harbor
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS12aDdnLXAyNmMtajJjd84AAvJw
Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code
Ecosystems: go
Packages: github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS14OXA5LXYzeDYtNjhtcc4AAwra
usememos/memos vulnerable to Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1mZ3h2LWd3NTUtcjVmcc4AA5wB
Authorization Bypass Through User-Controlled Key in go-zero
Ecosystems: go
Packages: github.com/zeromicro/go-zero
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1qNDk2LWNyZ2gtMzRteM4AA6qW
ibc-go: Potential Reentrancy using Timeout Callbacks in ibc-hooks
Ecosystems: go
Packages: github.com/cosmos/ibc-go, github.com/cosmos/ibc-go/v2, github.com/cosmos/ibc-go/v3, github.com/cosmos/ibc-go/v8, github.com/cosmos/ibc-go/v7, github.com/cosmos/ibc-go/v6, github.com/cosmos/ibc-go/v5, github.com/cosmos/ibc-go/v4
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: 28 days ago
Critical
GSA_kwCzR0hTQS1qcGY4LWg3aDctM3Bwbc4AAwoR
tar-utils Path Traversal vulnerability
Ecosystems: go
Packages: github.com/whyrusleeping/tar-utils
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1qNnZ2LXZ2MjYtcmg3Y84AA488
HashiCorp Vault Improper Privilege Management
Ecosystems: go
Packages: github.com/hashicorp/vault/vault
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS00Y3h3LWhxNDQtcjM0NM0uNQ
Off-by-one Error in v2fly/v2ray-core
Ecosystems: go
Packages: github.com/v2fly/v2ray-core, github.com/v2fly/v2ray-core/v4
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS02NXB4LTRjcGYtNjk3cs4AAxfH
Cross-site scripting vulnerability found in answerdev/answer
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS0zamZxLTc0MncteGc4as4AAxrA
Users with any cluster secret update access may update out-of-bounds cluster secrets
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS14NXI1LTJxcngtcnFqOM4AA5ik
Transparent TLS may not be applied to Marbles with certain manifest configurations
Ecosystems: go
Packages: github.com/edgelesssys/marblerun
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1yNWhtLW1wM2otMjg1Z84AA2C4
sing-box vulnerable to improper authentication in the SOCKS inbound
Ecosystems: go
Packages: github.com/sagernet/sing, github.com/sagernet/sing-box
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 7 months ago
Critical
GSA_kwCzR0hTQS00Zzc2LXczeHctMng2d84AAyGN
Full authentication bypass if SASL authorization username is specified
Ecosystems: go
Packages: github.com/foxcpp/maddy
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1wZm13LXZqNzQtcGg4Z80YjQ
HashiCorp Vault Incorrect Permission Assignment for Critical Resource
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1mNWM1LWhtdzktdjhoeM4AAwoX
Unzip vulnerable to path traversal
Ecosystems: go
Packages: github.com/yi-ge/unzip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1yNDhxLTlnNXItOHEyaM4AArc1
Authorization Bypass Through User-Controlled Key in go-restful
Ecosystems: go
Packages: github.com/emicklei/go-restful/v2, github.com/emicklei/go-restful, github.com/emicklei/go-restful/v3
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS03Y2d2LXY4M3YtcnI4N84AAvAP
HashiCorp Vault vulnerable to incorrect metadata access
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS0zODM5LTZyNjktbTQ5N84AAwoN
GoUtils's randomly-generated alphanumeric strings contain significantly less entropy than expected
Ecosystems: go
Packages: github.com/Masterminds/goutils
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS05OTRmLTdnODYtcXI1Ns4AArcn
Path Traversal in file editor on Windows in Gogs
Ecosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1wNzQ0LTRxNnAtaHZjMs4AAzSb
Wings vulnerable to escape to host from installation container
Ecosystems: go
Packages: github.com/pterodactyl/wings
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 12 months ago
Critical
GSA_kwCzR0hTQS1ybWo5LXE1OGctOXFnZ84AAwoW
go-unzip vulnerable to Path Traversal
Ecosystems: go
Packages: github.com/artdarek/go-unzip
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: over 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2cjktMzlqOS05OXdw
Elliptic Curve Key Disclosure in go-jose
Ecosystems: go
Packages: github.com/square/go-jose, gopkg.in/square/go-jose.v1
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS0zMnFoLTh2ZzYtOWc0M84AAwop
Cloud Foundry Archiver vulnerable to path traversal
Ecosystems: go
Packages: code.cloudfoundry.org/archiver, github.com/cloudfoundry/archiver
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3Y3ItNmdyOC03cnI5
Use After Free in HashiCorp Nomad
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 21.1
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1oNHc5LTZ4NzgtOHZyas4AAs5Z
Argo CD's external URLs for Deployments can include JavaScript
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1ocm0zLTN4bTYteDMzaM4AAwoO
golang-nanoauth authentication bypass vulnerability
Ecosystems: go
Packages: github.com/nanobox-io/golang-nanoauth
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS03NTdwLXZ4NDMtZnA5cs4AA01i
KubePi Privilege Escalation vulnerability
Ecosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS14Z2djLXFwcmcteDZtd84AAs7K
Weave GitOps leaked cluster credentials into logs on connection errors
Ecosystems: go
Packages: github.com/weaveworks/weave-gitops
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1qd3Y1LThtcXYtZzM4N84AA6CM
Cross-site scripting on application summary component
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1ybXc4LTc4MjMtd3A3Zs4AAxfE
Answer contains Cross-site Scripting vulnerability
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS04dzVxLTVmcHEtdjRwbc4AAwrb
usememos/memos Cross-site Scripting vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1tY2pqLTJmdnEtbWMzcs4AAvPZ
Gogs vulnerable to Cross-site Scripting
Ecosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1qMmpwLXd2cWctd2MyZ84AAwFN
crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication
Ecosystems: go
Packages: github.com/crewjam/saml
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS0zZnA1LTJ4d2gtZnhtNs4AA657
Evmos transaction execution not accounting for all state transition after interaction with precompiles
Ecosystems: go
Packages: github.com/tharsis/evmos/v5, github.com/tharsis/evmos/v4, github.com/tharsis/evmos/v3, github.com/tharsis/evmos/v2, github.com/tharsis/evmos, github.com/evmos/evmos/v5, github.com/evmos/evmos/v6, github.com/evmos/evmos/v7, github.com/evmos/evmos/v16
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 23 days ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmNTUtcnE4eC1obTZm
Path Traversal in Dutchcoders transfer.sh
Ecosystems: go
Packages: github.com/dutchcoders/transfer.sh
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS1oam1yLXhtMjUtMzZtaM4AAxfG
Answer subject to Cross-site Scripting vulnerability
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS05ampjLWdyZzUtNjdnas4AA3W2
SQL injection vulnerability in Meshery
Ecosystems: go
Packages: github.com/layer5io/meshery
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
GSA_kwCzR0hTQS1wN3dqLWM4NWYteHE5aM4AAxfD
Answer has Cross-site Scripting vulnerability
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1tOHJ3LXJjcHEtMnZwMs4AA3uk
Improper Privilege Management in github.com/sap/cloud-security-client-go
Ecosystems: go
Packages: github.com/sap/cloud-security-client-go
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
GSA_kwCzR0hTQS1xOWhyLWo0cmYtOGZqY84AAxJD
JWT audience claim is not verified
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU5OWgtOHdwai03NXhq
Authentication Bypass in tyk-identity-broker
Ecosystems: go
Packages: github.com/tyktechnologies/tyk-identity-broker
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS12NnJ3LWhoZ2ctd2M0eM4AA7I5
Evmos vulnerable to DOS and transaction fee expropiation through Authz exploit
Ecosystems: go
Packages: github.com/evmos/evmos/v11
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 16 days ago
Critical
GSA_kwCzR0hTQS1qcXZyLWoydmctZ2pyds4AAzg5
Signature validation bypass in github.com/moov-io/signedxml
Ecosystems: go
Packages: github.com/moov-io/signedxml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS05dm0zLXI4Z3EtY3I2eM4AAusJ
Casdoor arbitrary file write vulnerability
Ecosystems: go
Packages: github.com/casdoor/casdoor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS05MmNnLWdocTYtOTU4N84AA3r1
Privilege escalation in sap/cloud-security-client-go
Ecosystems: go
Packages: github.com/sap/cloud-security-client-go
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZnNWYtZjVwbS1tanJn
Istio may not check inbound TCP connections against istio-policy
Ecosystems: go
Packages: istio.io/istio
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS13cjNjLWczMjYtNDg2Y84AAw0t
GitOps Run allows for Kubernetes workload injection
Ecosystems: go
Packages: github.com/weaveworks/weave-gitops
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS1yM3AzLTVmMzUtaDZtZs4AAwpF
usememos/memos Improper Privilege Management vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1nNnc2LXI3NmMtMjhqN80psA
Incorrect Authorization in NATS nats-server
Ecosystems: go
Packages: github.com/nats-io/nats-server/v2, github.com/nats-io/nats-streaming-server
Source: GitHub Advisory Database
Blast Radius: 38.7
Published: about 2 years ago
High
GSA_kwCzR0hTQS1tdjczLWY2OXgtNDQ0cM4AA2gQ
Go Fiber CSRF Token Validation Vulnerability
Ecosystems: go
Packages: github.com/gofiber/fiber/v2
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: 7 months ago
High
GSA_kwCzR0hTQS04MjZqLTh3cDItNHg2cc4AA1gX
Netmaker Vulnerable to Privilege Escalation From Non Admin To Admin User
Ecosystems: go
Packages: github.com/gravitl/netmaker
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 8 months ago
High
GSA_kwCzR0hTQS0zMnJwLXEzN3Atamc2d809eQ
Insecure plugin handling in Mattermost
Ecosystems: go
Packages: github.com/mattermost/mattermost-server/v6
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 2 years ago
High
GSA_kwCzR0hTQS1mNnhwLTU5anEtcjM1Y84AAyiT
Phachon mm-wiki Cross Site Request Forgery vulnerability
Ecosystems: go
Packages: github.com/phachon/mm-wiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS1tZm1wLThtcWctcTR3bc4AAwpD
usememos/memos Improper Access Control vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS01ang1LWhxeDUtMnZyas4AA6uv
Ollama DNS rebinding vulnerability
Ecosystems: go
Packages: github.com/ollama/ollama
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 25 days ago
High
GSA_kwCzR0hTQS03ZzJ2LTJmcm0tcmc5NM4AAzTV
Mattermost Incorrect Authorization vulnerability
Ecosystems: go
Packages: github.com/mattermost/mattermost-server/v6
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: 12 months ago
High
GSA_kwCzR0hTQS1qOTdnLTc3ZmotOWM0cM4AAyrA
Answer vulnerable to account takeover because password reset links do not expire
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS1xNzhjLWd3cXctamNtY84AA20_
Kubernetes privilege escalation vulnerability
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: 6 months ago
High
GSA_kwCzR0hTQS1qd3Z3LXY3YzUtbTgyaM3tlQ
protobuf susceptible to buffer overflow
Ecosystems: pypi, packagist, go, maven, nuget
Packages: protobuf, google/protobuf, github.com/protocolbuffers/protobuf, com.google.protobuf:protobuf-parent, Google.Protobuf
Source: GitHub Advisory Database
Blast Radius: 94.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jd2Y2LXhqNDktd3A4M84AAyu6
OpenFeature Operator vulnerable to Cluster-level Privilege Escalation
Ecosystems: go
Packages: github.com/open-feature/open-feature-operator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS12d2c0LTg0NngtZjk0ds4AAwkW
usememos/memos vulnerable to improper authorization
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1ocTZxLWMyeDYtaG1jaM4AA3Ko
Kubernetes Improper Input Validation vulnerability
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: 6 months ago
High
GSA_kwCzR0hTQS1mOHI4LWg5M20tbWo3N84AAykW
HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 20.4
Published: about 1 year ago
High
GSA_kwCzR0hTQS02eDJtLXc0NDktcXd4N80y7g
Code Injection in CRI-O
Ecosystems: go
Packages: github.com/cri-o/cri-o
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: about 2 years ago
High
GSA_kwCzR0hTQS1mOXhmLWpxNGotdnF3NM4AA7Sr
Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources
Ecosystems: go
Packages: github.com/rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 9 days ago
High
GSA_kwCzR0hTQS01M3BqLTY3bTQtOXc5OM4AAg7q
Rancher code injection via fluentd config commands
Ecosystems: go
Packages: github.com/rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01ajZwLTU5Y2otajZjcM4AA1nE
usememos/memos vulnerable to privilege escalation
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
GSA_kwCzR0hTQS1qN2hwLWg4angtNXBwcs4AA10j
libwebp: OOB write in BuildHuffmanTable
Ecosystems: nuget, cargo, pypi, go, npm
Packages: magick.net-q8-x64, magick.net-q8-openmp-x64, magick.net-q8-anycpu, magick.net-q16-x64, magick.net-q16-hdri-anycpu, magick.net-q16-anycpu, webp, Pillow, github.com/chai2010/webp, SkiaSharp, electron, libwebp-sys, libwebp-sys2
Source: GitHub Advisory Database
Blast Radius: 130.8
Published: 8 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVnam0tZmo0Mi14OTgz
etcd Cross-site Request Forgery (CSRF)
Ecosystems: go
Packages: go.etcd.io/etcd/v3
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 2 years ago
High
GSA_kwCzR0hTQS13NTd2LTZ4cDQtcm0yds4AAwkT
usememos/memos vulnerable to account takeover due to improper access control
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS00cDZmLW00ZjktY2g4OM4AAu2R
Binary vulnerable to Slice Memory Allocation with Excessive Size Value
Ecosystems: go
Packages: github.com/gagliardetto/binary
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: over 1 year ago
High
GSA_kwCzR0hTQS0zcjMyLWNwN3YtNXdxNM4AA1iW
Code injection in ansible semaphore
Ecosystems: go
Packages: github.com/ansible-semaphore/semaphore
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
GSA_kwCzR0hTQS00d3AzLThxOTItbWg4d80pxA
Cross Site Request Forgery in Gitea
Ecosystems: go
Packages: github.com/go-gitea/gitea
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: about 2 years ago
High
GSA_kwCzR0hTQS05Y3d2LWNwcHgtbXFqbc0uMA
Improper Authentication in Capsule Proxy
Ecosystems: go
Packages: github.com/clastix/capsule-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nNXZtLTUyNXEtcjY2Y84AAxET
Velociraptor vulnerable to Missing Authorization
Ecosystems: go
Packages: www.velocidex.com/golang/velociraptor
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: over 1 year ago
High
GSA_kwCzR0hTQS1ycW04LXE4ajktNjYyZs4AAyGH
Nomad Job Submitter Privilege Escalation Using Workload Identity
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 20.4
Published: about 1 year ago
High
GSA_kwCzR0hTQS02cDh2LThjcTgtdjJyM84AAqwf
Access to Unix domain socket can lead to privileges escalation in Cilium
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wcDNmLXhydzUtcTVqNM4AAv_J
Lancet vulnerable to path traversal when unzipping files
Ecosystems: go
Packages: github.com/duke-git/lancet, github.com/duke-git/lancet/v2
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: over 1 year ago
High
GSA_kwCzR0hTQS1ndnJtLXcyZjktZjc3cc4AA2sh
Ingress-nginx path sanitization can be bypassed
Ecosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
High
GSA_kwCzR0hTQS1qNjN4LWY2NTctMm05Z84AA1Ba
Answer has Weak Password Requirements
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4amMtam1yZi05aDhm
Argo CD Insecure default administrative password
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 13.1
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1jNDVjLTM5ZjYtNmd3Oc4AAxI_
Rancher generated tokens not revoked after modifications made to authentication provider
Ecosystems: go
Packages: github.com/rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: over 1 year ago
High
GSA_kwCzR0hTQS1xcjUyLTU5cjYtNDlmNM4AAwkX
usememos/memos Improper Access Control vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1wdnhqLTI1bTYtN3Zxcs4AA7Sq
Rancher Privilege escalation vulnerability via malicious "Connection" header
Ecosystems: go
Packages: github.com/rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 9 days ago
High
GSA_kwCzR0hTQS03ZnhtLWY0NzQtaGY4d84AA209
Kubernetes privilege escalation vulnerability
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: 6 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2OTUtdjhjOC0zcmg2
Privilege escalation in rbac
Ecosystems: go
Packages: github.com/google/exposure-notifications-verification-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Statistics
Advisories: 18,330
Packages: 8,279
Repositories: 534
Ecosystems: 12
Filter by Severity
Moderate 7,912 High 6,344 Critical 2,805 Low 981
Filter by Ecosystem
maven 5,520 packagist 3,801 pypi 3,704 npm 3,535 go 1,889 nuget 1,390 rubygems 814 cargo 776 swift 31 hex 30 actions 16 pub 8
Filter by Package
github.com/usememos/memos 59 github.com/mattermost/mattermost/server/v8 38 github.com/mattermost/mattermost-server/v6 37 github.com/answerdev/answer 34 k8s.io/kubernetes 32 github.com/argoproj/argo-cd 29 github.com/hashicorp/vault 28 github.com/grafana/grafana 28 github.com/rancher/rancher 28 github.com/hashicorp/nomad 26 github.com/hashicorp/consul 26 gogs.io/gogs 24 github.com/argoproj/argo-cd/v2 23 github.com/cilium/cilium 20 github.com/ethereum/go-ethereum 19 github.com/docker/docker 19 code.gitea.io/gitea 19 helm.sh/helm/v3 18 golang.org/x/net 17 github.com/goharbor/harbor 15 github.com/nats-io/nats-server/v2 13 github.com/mattermost/mattermost-server 13 github.com/traefik/traefik/v2 13 github.com/containerd/containerd 13 github.com/moby/moby 12 github.com/go-gitea/gitea 12 github.com/opencontainers/runc 12 github.com/zitadel/zitadel 11 github.com/openfga/openfga 11 github.com/cloudflare/cfrpki 11 github.com/1Panel-dev/1Panel 10 github.com/greenpau/caddy-security 10 github.com/cosmos/cosmos-sdk 10 golang.org/x/crypto 9 github.com/kubernetes/kubernetes 9 github.com/cri-o/cri-o 9 github.com/sylabs/singularity 9 istio.io/istio 8 github.com/containers/podman/v4 8 github.com/pomerium/pomerium 8 github.com/kubeedge/kubeedge 8 go.etcd.io/etcd 8 github.com/nats-io/jwt 7 github.com/traefik/traefik 7 github.com/beego/beego 7 k8s.io/ingress-nginx 7 helm.sh/helm 7 github.com/google/fscrypt 7 github.com/hashicorp/go-getter 7 github.com/authzed/spicedb 6 github.com/russellhaering/gosaml2 6 github.com/hyperledger/fabric 6 github.com/cubefs/cubefs 6 github.com/apache/trafficcontrol 6 github.com/gravitl/netmaker 6 github.com/pion/dtls 6 github.com/treeverse/lakefs 6 github.com/beego/beego/v2 6 github.com/russellhaering/goxmldsig 6 github.com/pterodactyl/wings 6 github.com/sigstore/cosign 6 github.com/fluxcd/flux2 6 kubevirt.io/kubevirt 5 github.com/hashicorp/go-getter/v2 5 github.com/tidwall/gjson 5 github.com/containers/buildah 5 github.com/schollz/croc/v9 5 github.com/KubeOperator/kubepi 5 github.com/apache/incubator-answer 5 github.com/mattermost/mattermost-server/v5 5 github.com/fluxcd/kustomize-controller 5 github.com/gofiber/fiber/v2 5 github.com/moby/buildkit 5 github.com/IBAX-io/go-ibax 5 github.com/kyverno/kyverno 5 github.com/pion/dtls/v2 5 go.etcd.io/etcd/v3 5 github.com/cometbft/cometbft 5 github.com/kiali/kiali 5 github.com/0xJacky/Nginx-UI 5 github.com/ipfs/go-ipfs 5 github.com/tendermint/tendermint 5 github.com/foxcpp/maddy 5 github.com/traefik/traefik/v3 5 github.com/gophish/gophish 5 github.com/open-policy-agent/opa 4 github.com/free5gc/free5gc 4 golang.org/x/net/http2 4 github.com/dhowden/tag 4 github.com/aws/aws-sdk-go 4 github.com/crewjam/saml 4 github.com/arduino/arduino-create-agent 4 github.com/concourse/concourse 4 github.com/casdoor/casdoor 4 github.com/containers/podman/v3 4 github.com/argoproj/argo-workflows/v3 4 github.com/dexidp/dex 4 github.com/alist-org/alist/v3 4 github.com/oauth2-proxy/oauth2-proxy 4 github.com/ory/fosite 4 github.com/caddyserver/caddy 4 github.com/lestrrat-go/jwx 4 github.com/lestrrat-go/jwx/v2 4 github.com/hashicorp/go-getter/gcs/v2 4 github.com/IceWhaleTech/CasaOS-UserService 4 github.com/gin-gonic/gin 4 github.com/git-lfs/git-lfs 4 github.com/hashicorp/go-getter/s3/v2 4 github.com/phachon/mm-wiki 3 github.com/hashicorp/vault/vault 3 github.com/flyteorg/flyteadmin 3 github.com/cheqd/cheqd-node 3 github.com/nats-io/jwt/v2 3 github.com/go-vela/server 3 github.com/apache/servicecomb-service-center 3 github.com/docker/distribution 3 github.com/navidrome/navidrome 3 github.com/coredns/coredns 3 github.com/syncthing/syncthing 3 github.com/ElrondNetwork/elrond-go 3 github.com/jackc/pgx/v4 3 gopkg.in/yaml.v2 3 github.com/cortexproject/cortex 3 github.com/minio/minio 3 github.com/consensys/gnark 3 go.etcd.io/etcd/client/v3 3 github.com/projectcalico/calico 3 github.com/lightningnetwork/lnd 3 github.com/ory/oathkeeper 3 github.com/notaryproject/notation 3 github.com/fluxcd/helm-controller 3 golang.org/x/text 3 github.com/sigstore/cosign/v2 3 github.com/quic-go/quic-go 3 github.com/stacklok/minder 3 github.com/heketi/heketi 3 github.com/owncast/owncast 3 github.com/openshift/origin 3 k8s.io/client-go 3 github.com/miekg/dns 3 github.com/libp2p/go-libp2p 3 github.com/tharsis/evmos 3 github.com/authelia/authelia/v4 3 github.com/crossplane/crossplane 3 golang.org/x/image 3 github.com/crypto-org-chain/cronos 3 github.com/hashicorp/boundary 3 github.com/mholt/archiver 3 github.com/dutchcoders/transfer.sh 3 github.com/weaveworks/weave-gitops 3 github.com/edgelesssys/constellation/v2 3 github.com/square/go-jose 3 github.com/artifacthub/hub 3 github.com/cloudflare/circl 2 gopkg.in/src-d/go-git.v4 2 github.com/woodpecker-ci/woodpecker 2 github.com/minio/console 2 github.com/go-yaml/yaml 2 github.com/ansible-semaphore/semaphore 2 github.com/pires/go-proxyproto 2 github.com/rancher/wrangler 2 github.com/flynn/noise 2 github.com/gphper/ginadmin 2 mellium.im/xmpp 2 github.com/clastix/capsule-proxy 2 github.com/etcd-io/etcd 2 github.com/mutagen-io/mutagen 2 github.com/unknwon/cae 2 github.com/openshift/apiserver-library-go 2 vitess.io/vitess 2 github.com/bytebase/bytebase 2 github.com/hashicorp/terraform 2 github.com/edgexfoundry/app-functions-sdk-go/v2 2 github.com/influxdata/influxdb 2 github.com/protocolbuffers/protobuf 2 github.com/gotify/server 2 github.com/brokercap/Bifrost 2 github.com/imgproxy/imgproxy/v3 2 github.com/prometheus/prometheus 2 github.com/dvsekhvalnov/jose2go 2 github.com/containers/podman/v2 2 github.com/pingcap/tidb 2 github.com/microcosm-cc/bluemonday 2 github.com/sap/cloud-security-client-go 2 github.com/facebook/fbthrift 2 github.com/talos-systems/talos 2 protobuf 2 github.com/flipped-aurora/gin-vue-admin/server 2 github.com/containers/podman 2 github.com/swaggo/http-swagger 2 github.com/gohugoio/hugo 2 github.com/apache/thrift 2 github.com/labstack/echo/v4 2 github.com/ipld/go-codec-dagpb 2 github.com/codenotary/immudb 2 github.com/kata-containers/runtime 2 github.com/ecnepsnai/web 2 github.com/kitabisa/teler-waf 2 github.com/IceWhaleTech/CasaOS 2 github.com/projectcapsule/capsule-proxy 2
Filter by Repository
https://github.com/usememos/memos 59 https://github.com/kubernetes/kubernetes 48 https://github.com/argoproj/argo-cd 37 https://github.com/answerdev/answer 34 https://github.com/go-gitea/gitea 31 https://github.com/rancher/rancher 25 https://github.com/grafana/grafana 21 https://github.com/cilium/cilium 20 https://github.com/gogs/gogs 20 https://github.com/hashicorp/consul 19 https://github.com/helm/helm 19 https://github.com/hashicorp/vault 16 https://github.com/etcd-io/etcd 16 https://github.com/goharbor/harbor 15 https://github.com/ethereum/go-ethereum 15 https://github.com/mattermost/mattermost 14 https://github.com/moby/moby 14 https://github.com/traefik/traefik 13 https://github.com/hashicorp/nomad 13 https://github.com/containerd/containerd 13 https://github.com/golang/go 13 https://github.com/opencontainers/runc 11 https://github.com/openfga/openfga 11 https://github.com/zitadel/zitadel 11 https://github.com/containers/podman 11 https://github.com/cloudflare/cfrpki 11 https://github.com/nats-io/nats-server 10 https://github.com/cosmos/cosmos-sdk 10 https://github.com/1Panel-dev/1Panel 10 https://github.com/greenpau/caddy-security 10 https://github.com/cri-o/cri-o 9 https://github.com/istio/istio 8 https://github.com/kubeedge/kubeedge 8 https://github.com/pomerium/pomerium 8 https://github.com/docker/docker 8 https://github.com/kubernetes/ingress-nginx 7 https://github.com/beego/beego 7 https://github.com/hashicorp/go-getter 7 https://github.com/google/fscrypt 7 https://github.com/hpcng/singularity 7 https://github.com/pterodactyl/wings 6 https://github.com/schollz/croc 6 https://github.com/sigstore/cosign 6 https://github.com/pion/dtls 6 https://github.com/moby/buildkit 6 https://github.com/hyperledger/fabric 6 https://github.com/treeverse/lakeFS 6 https://github.com/gravitl/netmaker 6 https://github.com/authzed/spicedb 6 https://github.com/containers/buildah 6 https://github.com/fluxcd/flux2 6 https://github.com/cubefs/cubefs 6 https://github.com/0xJacky/nginx-ui 5 https://github.com/argoproj/argo-workflows 5 https://github.com/russellhaering/gosaml2 5 https://github.com/cometbft/cometbft 5 https://github.com/crewjam/saml 5 https://github.com/foxcpp/maddy 5 https://github.com/free5gc/free5gc 5 https://github.com/gofiber/fiber 5 https://github.com/gophish/gophish 5 https://github.com/kyverno/kyverno 5 https://github.com/IBAX-io/go-ibax 5 https://github.com/ipfs/go-ipfs 5 https://github.com/tidwall/gjson 5 https://github.com/tendermint/tendermint 5 https://github.com/casdoor/casdoor 4 https://github.com/IceWhaleTech/CasaOS-UserService 4 https://github.com/caddyserver/caddy 4 https://github.com/oauth2-proxy/oauth2-proxy 4 https://github.com/grafana/bugbounty 4 https://github.com/open-policy-agent/opa 4 https://github.com/git-lfs/git-lfs 4 https://github.com/siderolabs/talos 4 https://github.com/aws/aws-sdk-go 4 https://github.com/gin-gonic/gin 4 https://github.com/concourse/concourse 4 https://github.com/dexidp/dex 4 https://github.com/nats-io/jwt 4 https://github.com/kubevirt/kubevirt 4 https://github.com/arduino/arduino-create-agent 4 https://github.com/dhowden/tag 4 https://github.com/lestrrat-go/jwx 4 https://github.com/ory/fosite 4 https://github.com/containous/traefik 4 https://github.com/ory/oathkeeper 3 https://github.com/open-telemetry/opentelemetry-go-contrib 3 https://github.com/u-root/u-root 3 https://github.com/gogits/gogs 3 https://github.com/phachon/mm-wiki 3 https://github.com/flyteorg/flyteadmin 3 https://github.com/flipped-aurora/gin-vue-admin 3 https://github.com/evmos/evmos 3 https://github.com/ElrondNetwork/elrond-go 3 https://github.com/edgelesssys/constellation 3 https://github.com/openshift/origin 3 https://github.com/go-vela/server 3 https://github.com/go-yaml/yaml 3 https://github.com/heketi/heketi 3 https://github.com/ipfs/boxo 3 https://github.com/kiali/kiali 3 https://github.com/KubeOperator/KubePi 3 https://github.com/navidrome/navidrome 3 https://github.com/tailscale/tailscale 3 https://github.com/kubernetes-sigs/secrets-store-csi-driver 3 https://github.com/syncthing/syncthing 3 https://github.com/libp2p/go-libp2p 3 https://github.com/sylabs/singularity 3 https://github.com/moby/libnetwork 3 https://github.com/minio/minio 3 https://github.com/stacklok/minder 3 https://github.com/cheqd/cheqd-node 3 https://github.com/Consensys/gnark 3 https://github.com/authelia/authelia 3 https://github.com/artifacthub/hub 3 https://github.com/cortexproject/cortex 3 https://github.com/weaveworks/weave-gitops 3 https://github.com/crossplane/crossplane 3 https://github.com/quic-go/quic-go 3 https://github.com/apache/trafficcontrol 3 https://github.com/alist-org/alist 3 https://github.com/square/go-jose 3 https://github.com/dutchcoders/transfer.sh 3 https://github.com/IceWhaleTech/CasaOS 2 https://github.com/minio/console 2 https://github.com/imgproxy/imgproxy 2 https://github.com/bytebase/bytebase 2 https://github.com/influxdata/influxdb 2 https://github.com/buger/jsonparser 2 https://github.com/brokercap/Bifrost 2 https://github.com/miekg/dns 2 https://github.com/ipld/go-codec-dagpb 2 https://github.com/jackc/pgproto3 2 https://github.com/bottlerocket-os/bottlerocket 2 https://github.com/kitabisa/teler 2 https://github.com/kitabisa/teler-waf 2 https://github.com/temporalio/temporal 2 https://github.com/bitly/oauth2_proxy 2 https://github.com/zinclabs/zinc 2 https://github.com/atredispartners/advisories 2 https://github.com/argoproj/argo-events 2 https://github.com/zalando/skipper 2 https://github.com/microcosm-cc/bluemonday 2 https://github.com/apptainer/apptainer 2 https://github.com/mholt/archiver 2 https://github.com/labring/sealos 2 https://github.com/mellium/xmpp 2 https://github.com/mattermost/mattermost-plugin-jira 2 https://github.com/labstack/echo 2 https://github.com/1Panel-dev/KubePi 2 https://github.com/Masterminds/goutils 2 https://github.com/lightningnetwork/lnd 2 https://github.com/go-jose/go-jose 2 https://github.com/gohugoio/hugo 2 https://github.com/cosmos/ethermint 2 https://github.com/go-git/go-git 2 https://github.com/vitessio/vitess 2 https://github.com/crypto-org-chain/cronos 2 https://github.com/flynn/noise 2 https://github.com/fluid-cloudnative/fluid 2 https://github.com/distribution/distribution 2 https://github.com/fleetdm/fleet 2 https://github.com/fkie-cad/yapscan 2 https://github.com/facebook/fbthrift 2 https://github.com/drakkan/sftpgo 2 https://github.com/envoyproxy/envoy 2 https://github.com/elastic/beats 2 https://github.com/edgelesssys/marblerun 2 https://github.com/dvsekhvalnov/jose2go 2 https://github.com/theupdateframework/go-tuf 2 https://github.com/heroiclabs/nakama 2 https://github.com/hashicorp/terraform 2 https://github.com/cloudflare/circl 2 https://github.com/cloudflare/cloudflared 2 https://github.com/codenotary/immudb 2 https://github.com/gphper/ginadmin 2 https://github.com/Consensys/gnark-crypto 2 https://github.com/containers/libpod 2 https://github.com/gotify/server 2 https://github.com/ulikunitz/xz 2 https://github.com/woodpecker-ci/woodpecker 2 https://github.com/coredns/coredns 2 https://github.com/google/exposure-notifications-verification-server 2 https://github.com/coreos/etcd 2 https://github.com/unknwon/cae 2 https://github.com/golang/crypto 2 https://github.com/ecnepsnai/web 2 https://github.com/peterzen/goresolver 2 https://github.com/pingcap/tidb 2 https://github.com/multiversx/mx-chain-go 2 https://github.com/mutagen-io/mutagen 2 https://github.com/stripe/smokescreen 2 https://github.com/ntbosscher/gobase 2 https://github.com/projectdiscovery/nuclei 2 https://github.com/Netflix/security-bulletins 2 https://github.com/notaryproject/notation 2 https://github.com/russellhaering/goxmldsig 2 https://github.com/opencontainers/distribution-spec 2 https://github.com/sigstore/rekor 2