Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
go Security Advisories
Loading...
High
Ecosystems: go
Packages: github.com/go-vela/cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS00amhqLTNndjMtYzNncs4AA6CS
CLI for Vela Insecure Variable SubstitutionEcosystems: go
Packages: github.com/go-vela/cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 3 months ago
GSA_kwCzR0hTQS1jODY2LThncHctcDNtds4AA5K1
HashiCorp Nomad vulnerable to symlink attacksEcosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 3 months ago
High
Ecosystems: go
Packages: go.etcd.io/etcd
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: 3 months ago
GSA_kwCzR0hTQS0yeGhxLWd2NmMtcDIyNM4AA49C
Etcd Gateway can include itself as an endpoint resulting in resource exhaustionEcosystems: go
Packages: go.etcd.io/etcd
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: 3 months ago
High
Ecosystems: go
Packages: github.com/opencontainers/runc
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMzeG0tcHZnNy1naDdy
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfsEcosystems: go
Packages: github.com/opencontainers/runc
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: almost 3 years ago
High
Ecosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS01d2o0LXdmZnEtMzM3OM4AA2tO
Ingress nginx annotation injection causes arbitrary command executionEcosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1mcDlmLTQ0YzItY3cyN84AA2tB
Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotationEcosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Moderate
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmZnItYzkzMi1jcHh2
Cross-site Request Forgery (CSRF) in Cloud Native Computing Foundation HarborEcosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/istio/istio
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
GSA_kwCzR0hTQS02YzZwLWg3OWYtZzZwNM4AAvxx
Istio may allow identity impersonation if user has localhost accessEcosystems: go
Packages: github.com/istio/istio
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/apache/servicecomb-service-center
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: 3 months ago
GSA_kwCzR0hTQS05eGM5LXhxN3ctdnBjcs4AA49b
Apache ServiceComb Service-Center Server-Side Request Forgery vulnerabilityEcosystems: go
Packages: github.com/apache/servicecomb-service-center
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: 3 months ago
High
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1mbXJmLWd2anAtNWo1Z84AAqwg
Improper Privilege Management in CiliumEcosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/dapr/dashboard
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0ydzZtLXE5NDYtMzk5cs4AAvKQ
Dapr Dashboard vulnerable to Incorrect Access ControlEcosystems: go
Packages: github.com/dapr/dashboard
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/argoproj/argo-events
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: almost 2 years ago
GSA_kwCzR0hTQS01cTg2LTYyeHItM3I1N84AArtD
Uses of deprecated API can be used to cause DoS in user-facing endpointsEcosystems: go
Packages: github.com/argoproj/argo-events
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/gravitl/netmaker
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 9 months ago
GSA_kwCzR0hTQS04eDhoLWhjcTgtand3eM4AA1gV
Netmaker has Hardcoded DNS Secret KeyEcosystems: go
Packages: github.com/gravitl/netmaker
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 9 months ago
High
Ecosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoMmctcjI5Mi1qOHho
HashiCorp Consul L7 deny intention results in an allow actionEcosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/ory/oathkeeper
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmdmYtNmd4NS1tcXY2
Incorrect Authorization in ORY OathkeeperEcosystems: go
Packages: github.com/ory/oathkeeper
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 3 years ago
High
Ecosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS05aHhnLXc3cWYtaGg5M84AAUTC
Gogs Directory TraversalEcosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/kumahq/kuma
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 7 months ago
GSA_kwCzR0hTQS05d21jLXJnNGgtMjh3ds4AA2gR
github.com/kumahq/kuma affected by CVE-2023-44487Ecosystems: go
Packages: github.com/kumahq/kuma
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zM204LWY0aHctd20zcc4AAwne
usememos/memos Denial of Service vulnerabilityEcosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/lightningnetwork/lnd
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4aGotODZjci02ajJ2
Improper Access Control in Lightning Network DaemonEcosystems: go
Packages: github.com/lightningnetwork/lnd
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/pion/dtls/v2, github.com/pion/dtls
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1jbThmLWg2ajMtcDI1Y84AArBD
Pion DTLS Header reconstruction method can be thrown into an infinite loopEcosystems: go
Packages: github.com/pion/dtls/v2, github.com/pion/dtls
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: about 2 years ago
GSA_kwCzR0hTQS1xNmg3LTRxZ3ctMmo5cM09kw
Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vectorEcosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: about 2 years ago
GSA_kwCzR0hTQS0zMzgyLXI5cTgtNGhmZ80vag
HashiCorp Nomad vulnerable to Allocation of Resources Without Limits or ThrottlingEcosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/go-gitea/gitea
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWcycXgtNmdody02N2ht
Denial of Service in GiteaEcosystems: go
Packages: github.com/go-gitea/gitea
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/docker/docker
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1qMjQ5LWdodjUtN214ds4AAhV5
Secret insertion into debug log in DockerEcosystems: go
Packages: github.com/docker/docker
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/russellhaering/goxmldsig, github.com/russellhaering/gosaml2
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
GSA_kwCzR0hTQS1wcmpxLWY0cTMtZnZmcs4AAv43
github.com/russellhaering/gosaml2 is vulnerable to NULL Pointer DereferenceEcosystems: go
Packages: github.com/russellhaering/goxmldsig, github.com/russellhaering/gosaml2
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/ElrondNetwork/elrond-go
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: over 1 year ago
GSA_kwCzR0hTQS1xZjdqLTI1ZzktcjYzZs4AAulL
elrond-go MultiESDTNFTTransfer call on a SC address with missing function nameEcosystems: go
Packages: github.com/ElrondNetwork/elrond-go
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/nats-io/nats-server/v2, github.com/nats-io/nats-server
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW00angtNjUyNi12dmht
Denial of service in github.com/nats-io/nats-server/serverEcosystems: go
Packages: github.com/nats-io/nats-server/v2, github.com/nats-io/nats-server
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/syncthing/syncthing
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: about 2 years ago
GSA_kwCzR0hTQS0yOHhwLWc3ZjYtN21oZs4AAXir
Syncthing vulnerable to symlink traversal and arbitrary file overwriteEcosystems: go
Packages: github.com/syncthing/syncthing
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/cloudflare/cloudflared
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: about 1 year ago
GSA_kwCzR0hTQS03bWp2LXgzamYtNTQ1eM4AAyNr
cloudflared's Installer has Local Privilege Escalation VulnerabilityEcosystems: go
Packages: github.com/cloudflare/cloudflared
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: about 1 year ago
High
Ecosystems: go
Packages: github.com/bytom/bytom
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZjM3gtZ3g2Yy1nOTlm
Denial of Service in BytomEcosystems: go
Packages: github.com/bytom/bytom
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: over 1 year ago
GSA_kwCzR0hTQS1ndzJnLWhoYzktd2dqaM4AAv5M
Missing Authorization in HashiCorp ConsulEcosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: over 1 year ago
High
Ecosystems: go
Packages: goa.design/goa/v3, goa.design/goa, github.com/goadesign/goa
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: over 1 year ago
GSA_kwCzR0hTQS1mamdxLTIyNGYtZnEzN84AAwoc
Goa vulnerable to path traversalEcosystems: go
Packages: goa.design/goa/v3, goa.design/goa, github.com/goadesign/goa
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/nats-io/jwt, github.com/nats-io/nats-server/v2, github.com/nats-io/jwt/v2
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlyNXgtZmp2My1xNmg0
Incorrect Access Control in github.com/nats-io/jwt and github.com/nats-io/nats-server/v2Ecosystems: go
Packages: github.com/nats-io/jwt, github.com/nats-io/nats-server/v2, github.com/nats-io/jwt/v2
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: about 2 years ago
Low
Ecosystems: go
Packages: github.com/nats-io/nats-server/v2
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3ajUtM3ZmcS1xOTky
Import loops in account imports, nats-server DoSEcosystems: go
Packages: github.com/nats-io/nats-server/v2
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/go-macaron/csrf
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: over 1 year ago
GSA_kwCzR0hTQS1oaHhnLXB4NWgtamMzMs4AAwqY
Macaron csrf missing encryption and has sensitive cookies in HTTP session without secure attributeEcosystems: go
Packages: github.com/go-macaron/csrf
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: over 1 year ago
High
Ecosystems: go
Packages: code.gitea.io/gitea
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1wNWY5LWM5ajktZzhxeM4AAX7W
Shell command injection in giteaEcosystems: go
Packages: code.gitea.io/gitea
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/b3log/wide
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02NDUyLWpyOTMtcjVxbc4AAhV6
b3log Wide unauthenticated file accessEcosystems: go
Packages: github.com/b3log/wide
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: go
Packages: github.com/concourse/dex, github.com/concourse/concourse
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyN3AtcnI3OC05OXJq
GitLab auth uses full name instead of username as user ID, allowing impersonationEcosystems: go
Packages: github.com/concourse/dex, github.com/concourse/concourse
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: over 2 years ago
High
Ecosystems: go
Packages: github.com/nats-io/jwt/v2, github.com/nats-io/jwt, github.com/nats-io/nats-server/v2
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo3NTYtZjI3My14aHA0
github.com/nats-io/nats-server/ Import token permissions checking not enforcedEcosystems: go
Packages: github.com/nats-io/jwt/v2, github.com/nats-io/jwt, github.com/nats-io/nats-server/v2
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: almost 3 years ago
High
Ecosystems: go
Packages: golang.org/x/crypto
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: over 1 year ago
GSA_kwCzR0hTQS1nd2M5LW03cmgtajJ3d84AAup1
x/crypto/ssh vulnerable to panic via malformed packetsEcosystems: go
Packages: golang.org/x/crypto
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: over 1 year ago
High
Ecosystems: go
Packages: go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace, go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1/otelmacaron, go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho, go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux, go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin, go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful, go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: 7 months ago
GSA_kwCzR0hTQS1yY2p2LW1ncDgtcXZtcs4AA2eX
OpenTelemetry-Go Contrib vulnerable to denial of service in otelhttp due to unbound cardinality metricsEcosystems: go
Packages: go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace, go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1/otelmacaron, go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho, go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux, go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin, go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful, go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/fkie-cad/yapscan
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS13eHdxLTUyNXctaGNxeM4AAx7Y
Yapscan Denial of Service vulnerability in report serverEcosystems: go
Packages: github.com/fkie-cad/yapscan
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
Ecosystems: go
Packages: github.com/u-root/u-root
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1cWYtd2dmai12NjUy
github.com/u-root/u-root/pkg/tarutil Arbitrary File Write via Archive Extraction (Zip Slip)Ecosystems: go
Packages: github.com/u-root/u-root
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/mastercactapus/proxyprotocol
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 2 years ago
GSA_kwCzR0hTQS04NWM1LWNjbTgtdnI5Ns4AAhZP
mastercactapus proxyprotocol vulnerable to denial of serviceEcosystems: go
Packages: github.com/mastercactapus/proxyprotocol
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 2 years ago
High
Ecosystems: go
Packages: golang.org/x/text
Source: GitHub Advisory Database
Blast Radius: 40.9
Published: over 1 year ago
GSA_kwCzR0hTQS02OWNoLXcybTItM3ZqcM4AAvV0
golang.org/x/text/language Denial of service via crafted Accept-Language headerEcosystems: go
Packages: golang.org/x/text
Source: GitHub Advisory Database
Blast Radius: 40.9
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/tendermint/tendermint
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: over 1 year ago
GSA_kwCzR0hTQS0zZm0zLW0yM3YtNXI0Ns4AAwoV
Tendermint Client package vulnerable to Uncontrolled Resource ConsumptionEcosystems: go
Packages: github.com/tendermint/tendermint
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/cri-o/cri-o
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1mY20yLTZjM2gtcGc2as4AArZe
Node DOS by way of memory exhaustion through ExecSync request in CRI-OEcosystems: go
Packages: github.com/cri-o/cri-o
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: almost 2 years ago
High
Ecosystems: maven, pypi, go, packagist, nuget
Packages: com.google.protobuf:protobuf-java, protobuf, github.com/protocolbuffers/protobuf, google/protobuf, Google.Protobuf
Source: GitHub Advisory Database
Blast Radius: 111.3
Published: over 2 years ago
GSA_kwCzR0hTQS03N3JtLTl4OWgteGozZ80mxQ
NULL Pointer Dereference in Protocol BuffersEcosystems: maven, pypi, go, packagist, nuget
Packages: com.google.protobuf:protobuf-java, protobuf, github.com/protocolbuffers/protobuf, google/protobuf, Google.Protobuf
Source: GitHub Advisory Database
Blast Radius: 111.3
Published: over 2 years ago
High
Ecosystems: go
Packages: github.com/hashicorp/vault-ssh-helper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5ZnEtdmp2aC03Nzlw
Improper Input Validation in vault-ssh-helperEcosystems: go
Packages: github.com/hashicorp/vault-ssh-helper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/cosmos/ethermint
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkzcDUtOGZxdy13angz
Authentication bypass by capture-replay in github.com/cosmos/ethermintEcosystems: go
Packages: github.com/cosmos/ethermint
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/flipped-aurora/gin-vue-admin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS14NjIzLWhyOGgtN2c1ds4AAxaj
Path Traversal in gin-vue-adminEcosystems: go
Packages: github.com/flipped-aurora/gin-vue-admin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/charmbracelet/soft-serve
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1tYzk3LTk5ajQtdm0yds4AA2MF
Soft Serve Public Key Authentication Bypass Vulnerability when Keyboard-Interactive SSH Authentication is EnabledEcosystems: go
Packages: github.com/charmbracelet/soft-serve
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/gomarkdown/markdown
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: 8 months ago
GSA_kwCzR0hTQS1tOXhxLTZoMmotNjVyMs4AA2Ar
Markdown vulnerable to Out-of-bounds Read while parsing citationsEcosystems: go
Packages: github.com/gomarkdown/markdown
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: 8 months ago
High
Ecosystems: go
Packages: github.com/sylabs/singularity
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBtZnItNjNjMi1qcjVj
Execution Control List (ECL) Is Insecure in SingularityEcosystems: go
Packages: github.com/sylabs/singularity
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 2 years ago
High
Ecosystems: go
Packages: golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: 7 months ago
GSA_kwCzR0hTQS00Mzc0LXA2NjctcDZjOM4AA2ZJ
HTTP/2 rapid reset can cause excessive work in net/httpEcosystems: go
Packages: golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1ocjRmLTZqaDgtZjJ2cc4AA2i_
OpenFGA DoS vulnerabilityEcosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/argoproj/argo-events
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1xcGd4LTY0aDItZ2MzY84AArtE
Insecure path traversal in Git Trigger Source can lead to arbitrary file readEcosystems: go
Packages: github.com/argoproj/argo-events
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/russellhaering/goxmldsig, github.com/russellhaering/gosaml2
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdxNXItY2M0dy1nOHhm
gosaml2 is vulnerable to NULL Pointer Dereference from malformed XML signaturesEcosystems: go
Packages: github.com/russellhaering/goxmldsig, github.com/russellhaering/gosaml2
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/traefik/traefik/v2
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: about 1 year ago
GSA_kwCzR0hTQS03aGo5LXJ2NzQtNWc5Ms4AAyrs
Traefik HTTP header parsing could cause a denial of serviceEcosystems: go
Packages: github.com/traefik/traefik/v2
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: about 1 year ago
High
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 2 months ago
GSA_kwCzR0hTQS02djg1LXdyOTItcTRwN84AA6Gh
Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded EnvironmentEcosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 2 months ago
High
Ecosystems: go
Packages: github.com/hakobe/paranoidhttp
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
GSA_kwCzR0hTQS12OW1wLWo4ZzctMnE2bc4AAxPu
Paranoidhttp Server-Side Request Forgery vulnerabilityEcosystems: go
Packages: github.com/hakobe/paranoidhttp
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/ethereum/go-ethereum
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: about 2 years ago
GSA_kwCzR0hTQS1wNWdjLTk1N3gtZ2Z3Oc4AAWV1
Go Ethereum LES protocol implementation vulnerable to Denial of ServiceEcosystems: go
Packages: github.com/ethereum/go-ethereum
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/pires/go-proxyproto
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjZjctcTU2eC03OGdo
github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustionEcosystems: go
Packages: github.com/pires/go-proxyproto
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/russellhaering/gosaml2, github.com/russellhaering/goxmldsig
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
GSA_kwCzR0hTQS1tcXF2LWNocHgtdnEyNc4AAvL_
goxmldsig vulnerable to crash on nil-pointer dereference caused by sending malformed XML signaturesEcosystems: go
Packages: github.com/russellhaering/gosaml2, github.com/russellhaering/goxmldsig
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/facebook/fbthrift
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13M3I5LXI5dzctOGg0OM4AAj8K
Golang Facebook Thrift servers vulnerable to denial of serviceEcosystems: go
Packages: github.com/facebook/fbthrift
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/rancher/rke2
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: 8 months ago
GSA_kwCzR0hTQS1wNDVqLXZmdjUtd3Bycc4AA1yy
RKE2 supervisor port is vulnerable to unauthenticated remote denial-of-service (DoS) attack via TLS SAN stuffing attackEcosystems: go
Packages: github.com/rancher/rke2
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: 8 months ago
High
Ecosystems: go
Packages: github.com/traefik/traefik
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 2 years ago
GSA_kwCzR0hTQS0yY2pjLXJnbXAteDY0Oc3uew
Traefik Missing AuthenticationEcosystems: go
Packages: github.com/traefik/traefik
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/sylabs/singularity
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1tajczLTV4NzUtOXBoaM4AAjAk
Singularity insecure permissionsEcosystems: go
Packages: github.com/sylabs/singularity
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 2 years ago
High
Ecosystems: go
Packages: istio.io/istio
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1xY3Z3LTgyaGgtZ3EzOM4AAhr9
Istio ReDoS VulnerabilityEcosystems: go
Packages: istio.io/istio
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: almost 2 years ago
High
Ecosystems: go
Packages: google.golang.org/grpc
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: 7 months ago
GSA_kwCzR0hTQS1tNDI1LW1xOTQtMjU3Z84AA2sQ
gRPC-Go HTTP/2 Rapid Reset vulnerabilityEcosystems: go
Packages: google.golang.org/grpc
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: 7 months ago
High
Ecosystems: go
Packages: golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: 8 months ago
GSA_kwCzR0hTQS12Znc1LWhyZ3EtaDV3Zs4AA2Bv
x/net/html Vulnerable to DoS During HTML ParsingEcosystems: go
Packages: golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: 8 months ago
High
Ecosystems: go
Packages: google.golang.org/protobuf
Source: GitHub Advisory Database
Blast Radius: 38.8
Published: about 1 year ago
GSA_kwCzR0hTQS1odzdjLTNyZmctcDQ2as4AAyHf
Panic leading to denial of serviceEcosystems: go
Packages: google.golang.org/protobuf
Source: GitHub Advisory Database
Blast Radius: 38.8
Published: about 1 year ago
High
Ecosystems: go
Packages: github.com/cloudfoundry/gorouter, code.cloudfoundry.org/gorouter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU3OTYtcDNtNi05cWo0
Cloud Foundry Routing Improper Input Validation vulnerabilityEcosystems: go
Packages: github.com/cloudfoundry/gorouter, code.cloudfoundry.org/gorouter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: go
Packages: code.gitea.io/gitea
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: about 2 years ago
GSA_kwCzR0hTQS1nN3A3LXg2dzctdzZxZ83dKg
Arbitrary file deletion in giteaEcosystems: go
Packages: code.gitea.io/gitea
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2aDUtcjRxdy12M3Z2
Improper Resource Shutdown or Release in HashiCorp VaultEcosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/ethereum/go-ethereum
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: 7 months ago
GSA_kwCzR0hTQS12OWpoLWo4cHgtOTh2cc4AA2iM
go-ethereum vulnerable to denial of service via crafted GraphQL queryEcosystems: go
Packages: github.com/ethereum/go-ethereum
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS12NHc1LXIyeGMtN2Y4aM4AAw1F
KubePi session fixation attack allows an attacker to hijack a legitimate user session.Ecosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/docker/distribution
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: about 2 years ago
GSA_kwCzR0hTQS1oNjJmLXdtOTItMmNtd834jw
Docker Registry has Allocation of Resources Without Limits or ThrottlingEcosystems: go
Packages: github.com/docker/distribution
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/free5gc/free5gc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS02OTQ0LTZwbXYtNm1wMs4AA3M9
free5gc Buffer Overflow vulnerabilityEcosystems: go
Packages: github.com/free5gc/free5gc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
Ecosystems: go
Packages: github.com/hybridgroup/gobot
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 2 years ago
GSA_kwCzR0hTQS12ZnhjLXIyZ3gtdjJ2cc4AAg3I
Hybrid Group Gobot Improper Certificate Validation vulnerabilityEcosystems: go
Packages: github.com/hybridgroup/gobot
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0M3YtMjZyNy03ajRj
Allocation of Resources Without Limits or Throttling in HashiCorp NomadEcosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/tidwall/gjson
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5NDItZ3c2bS1wNjJj
Denial of service in GJSONEcosystems: go
Packages: github.com/tidwall/gjson
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/docker/distribution
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: about 1 year ago
GSA_kwCzR0hTQS1ocXh3LWY4bXgtY3Btd84AAzSg
distribution catalog API endpoint can lead to OOM via malicious user inputEcosystems: go
Packages: github.com/docker/distribution
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: about 1 year ago
High
Ecosystems: go
Packages: github.com/apache/servicecomb-service-center
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg2anYtNXZmZy1nbTd4
Path traversal in ServiceCenterEcosystems: go
Packages: github.com/apache/servicecomb-service-center
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: over 2 years ago
High
Ecosystems: go
Packages: golang.org/x/crypto
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: almost 2 years ago
GSA_kwCzR0hTQS0zdm00LTIyZnAtNXJmbc4AArAQ
golang.org/x/crypto/ssh NULL Pointer Dereference vulnerabilityEcosystems: go
Packages: golang.org/x/crypto
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/yaklang/yaklang
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS14dmhnLXc2cWMtbTNxcc4AA1Uj
Yaklang Plugin's Fuzztag Component Allows Unauthorized Local File ReadingEcosystems: go
Packages: github.com/yaklang/yaklang
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
High
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS05NmdxLTZjaDUtbW01NM4AA1nF
usememos/memos vulnerable to improper input validationEcosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
High
Ecosystems: go
Packages: k8s.io/apimachinery
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: over 1 year ago
GSA_kwCzR0hTQS03NGZwLXI2anctaDRtcM4AAxe2
Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON or YAML parsingEcosystems: go
Packages: k8s.io/apimachinery
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/go-vela/server
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqM2YtbWhxOC1nbWg0
Reject unauthorized access with GitHub PATsEcosystems: go
Packages: github.com/go-vela/server
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/ethereum/go-ethereum
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: 8 days ago
GSA_kwCzR0hTQS00eGM5LThobXEtajY1Ms4AA7xu
go-ethereum vulnerable to DoS via malicious p2p messageEcosystems: go
Packages: github.com/ethereum/go-ethereum
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: 8 days ago
High
Ecosystems: go
Packages: github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 4 months ago
GSA_kwCzR0hTQS1ncjc5LTl2NnYtZ2M5cs4AA430
Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphersEcosystems: go
Packages: github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 4 months ago
High
Ecosystems: go
Packages: golang.org/x/net/http2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS12YzNwLTI5aDItZ3BjcM0gJw
golang.org/x/net/http2 allows uncontrolled memory consumptionEcosystems: go
Packages: golang.org/x/net/http2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: go
Packages: github.com/quic-go/quic-go
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: 7 months ago
GSA_kwCzR0hTQS0zcTZtLXY4NGYtNnA5aM4AA2xM
quic-go vulnerable to pointer dereference that can lead to panicEcosystems: go
Packages: github.com/quic-go/quic-go
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/hyperledger/fabric
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: almost 2 years ago
GSA_kwCzR0hTQS12amo2LTVtOWYtd3Fqd84AArM8
NULL Pointer Dereference in HyperLedger FabricEcosystems: go
Packages: github.com/hyperledger/fabric
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/ethereum/go-ethereum
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: about 2 years ago
GSA_kwCzR0hTQS12cmNjLWc2dmotbWg1d800DQ
Denial of service in go-ethereumEcosystems: go
Packages: github.com/ethereum/go-ethereum
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/nats-io/nats-server/v2, github.com/nats-io/nkeys
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: 7 months ago
GSA_kwCzR0hTQS1tcjQ1LXJ4OHEtd2NtOc4AA207
xkeys seal encryption used fixed key for all encryptionEcosystems: go
Packages: github.com/nats-io/nats-server/v2, github.com/nats-io/nkeys
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/albertito/chasquid
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1nNHgzLW1mcGotZjMzNc4AA4mp
chasquid HTTP Request/Response Smuggling vulnerabilityEcosystems: go
Packages: github.com/albertito/chasquid
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
Ecosystems: go
Packages: github.com/ory/oathkeeper
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF2cDQtcnBtci14d3Jy
Possible bypass of token claim validation when OAuth2 Introspection caching is enabledEcosystems: go
Packages: github.com/ory/oathkeeper
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 3 years ago
High
Ecosystems: go
Packages: github.com/kongchuanhujiao/server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh3cmctbTh2bS01ZnZq
Authentication Bypass by Primary Weakness in github.com/kongchuanhujiao/serverEcosystems: go
Packages: github.com/kongchuanhujiao/server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: go
Packages: golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: almost 2 years ago
GSA_kwCzR0hTQS04M2cyLThtOTMtdjN3N84AAom0
golang.org/x/net/html Infinite Loop vulnerabilityEcosystems: go
Packages: golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: almost 2 years ago
Statistics
Advisories: 18,459
Packages: 8,320
Repositories: 540
Ecosystems: 12
Packages: 8,320
Repositories: 540
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
github.com/usememos/memos
59
github.com/mattermost/mattermost/server/v8
38
github.com/mattermost/mattermost-server/v6
37
github.com/answerdev/answer
34
k8s.io/kubernetes
32
github.com/argoproj/argo-cd
29
github.com/grafana/grafana
28
github.com/rancher/rancher
28
github.com/hashicorp/vault
28
github.com/hashicorp/consul
26
github.com/hashicorp/nomad
26
gogs.io/gogs
24
github.com/argoproj/argo-cd/v2
23
github.com/cilium/cilium
20
github.com/ethereum/go-ethereum
20
github.com/docker/docker
19
code.gitea.io/gitea
19
helm.sh/helm/v3
18
golang.org/x/net
17
github.com/goharbor/harbor
15
github.com/containerd/containerd
13
github.com/traefik/traefik/v2
13
github.com/nats-io/nats-server/v2
13
github.com/mattermost/mattermost-server
13
github.com/go-gitea/gitea
12
github.com/opencontainers/runc
12
github.com/moby/moby
12
github.com/zitadel/zitadel
11
github.com/openfga/openfga
11
github.com/cloudflare/cfrpki
11
github.com/1Panel-dev/1Panel
11
github.com/greenpau/caddy-security
10
github.com/sylabs/singularity
9
github.com/cosmos/cosmos-sdk
9
golang.org/x/crypto
9
github.com/cri-o/cri-o
9
github.com/kubernetes/kubernetes
9
go.etcd.io/etcd
8
github.com/kubeedge/kubeedge
8
github.com/pterodactyl/wings
8
github.com/pomerium/pomerium
8
istio.io/istio
8
github.com/containers/podman/v4
8
github.com/traefik/traefik
7
github.com/hashicorp/go-getter
7
github.com/beego/beego
7
helm.sh/helm
7
github.com/nats-io/jwt
7
github.com/google/fscrypt
7
k8s.io/ingress-nginx
7
github.com/beego/beego/v2
6
github.com/russellhaering/goxmldsig
6
github.com/apache/trafficcontrol
6
github.com/sigstore/cosign
6
github.com/gravitl/netmaker
6
github.com/treeverse/lakefs
6
github.com/authzed/spicedb
6
github.com/pion/dtls
6
github.com/cubefs/cubefs
6
github.com/russellhaering/gosaml2
6
github.com/fluxcd/flux2
6
github.com/hyperledger/fabric
6
kubevirt.io/kubevirt
6
github.com/apache/incubator-answer
5
github.com/KubeOperator/kubepi
5
github.com/fluxcd/kustomize-controller
5
github.com/foxcpp/maddy
5
github.com/gophish/gophish
5
github.com/0xJacky/Nginx-UI
5
github.com/gofiber/fiber/v2
5
github.com/containers/buildah
5
github.com/mattermost/mattermost-server/v5
5
github.com/hashicorp/go-getter/v2
5
github.com/IBAX-io/go-ibax
5
github.com/traefik/traefik/v3
5
github.com/cometbft/cometbft
5
github.com/kiali/kiali
5
github.com/tendermint/tendermint
5
github.com/moby/buildkit
5
github.com/kyverno/kyverno
5
github.com/ipfs/go-ipfs
5
github.com/schollz/croc/v9
5
go.etcd.io/etcd/v3
5
github.com/pion/dtls/v2
5
github.com/open-policy-agent/opa
4
github.com/gin-gonic/gin
4
github.com/crewjam/saml
4
github.com/arduino/arduino-create-agent
4
github.com/alist-org/alist/v3
4
github.com/hashicorp/go-getter/s3/v2
4
github.com/argoproj/argo-workflows/v3
4
github.com/stacklok/minder
4
github.com/oauth2-proxy/oauth2-proxy
4
github.com/aws/aws-sdk-go
4
github.com/hashicorp/go-getter/gcs/v2
4
github.com/dhowden/tag
4
github.com/casdoor/casdoor
4
golang.org/x/net/http2
4
github.com/git-lfs/git-lfs
4
github.com/concourse/concourse
4
github.com/tidwall/gjson
4
github.com/coredns/coredns
4
github.com/lestrrat-go/jwx
4
github.com/IceWhaleTech/CasaOS-UserService
4
github.com/lestrrat-go/jwx/v2
4
github.com/containers/podman/v3
4
github.com/ory/fosite
4
github.com/free5gc/free5gc
4
github.com/dexidp/dex
4
github.com/edgelesssys/constellation/v2
3
github.com/miekg/dns
3
github.com/tiagorlampert/CHAOS
3
golang.org/x/image
3
gopkg.in/yaml.v2
3
github.com/hashicorp/boundary
3
github.com/caddyserver/caddy
3
k8s.io/client-go
3
vitess.io/vitess
3
github.com/mholt/archiver
3
github.com/owncast/owncast
3
github.com/jackc/pgx/v4
3
github.com/go-vela/server
3
github.com/cortexproject/cortex
3
github.com/cheqd/cheqd-node
3
github.com/libp2p/go-libp2p
3
go.etcd.io/etcd/client/v3
3
golang.org/x/text
3
github.com/phachon/mm-wiki
3
github.com/tharsis/evmos
3
github.com/nats-io/jwt/v2
3
github.com/navidrome/navidrome
3
github.com/sigstore/cosign/v2
3
github.com/crypto-org-chain/cronos
3
github.com/heketi/heketi
3
github.com/minio/minio
3
github.com/consensys/gnark
3
github.com/projectcalico/calico
3
github.com/notaryproject/notation
3
github.com/fluxcd/helm-controller
3
github.com/quic-go/quic-go
3
github.com/hashicorp/vault/vault
3
github.com/apache/servicecomb-service-center
3
github.com/docker/distribution
3
github.com/syncthing/syncthing
3
github.com/dutchcoders/transfer.sh
3
github.com/crossplane/crossplane
3
github.com/authelia/authelia/v4
3
github.com/openshift/origin
3
github.com/lightningnetwork/lnd
3
github.com/ory/oathkeeper
3
github.com/square/go-jose
3
github.com/weaveworks/weave-gitops
3
github.com/flyteorg/flyteadmin
3
github.com/artifacthub/hub
3
github.com/ElrondNetwork/elrond-go
3
github.com/notaryproject/notation-go
2
github.com/pingcap/tidb
2
github.com/gohugoio/hugo
2
github.com/hpcng/singularity
2
github.com/woodpecker-ci/woodpecker
2
github.com/containers/podman
2
github.com/google/exposure-notifications-verification-server
2
github.com/minio/console
2
github.com/sigstore/rekor
2
github.com/gphper/ginadmin
2
github.com/go-skynet/LocalAI
2
github.com/nats-io/nats-server
2
github.com/labstack/echo/v4
2
github.com/argoproj/argo-events
2
github.com/ipld/go-codec-dagpb
2
mellium.im/xmpp
2
github.com/Masterminds/goutils
2
github.com/stripe/smokescreen
2
github.com/clastix/capsule-proxy
2
github.com/etcd-io/etcd
2
github.com/spiffe/spire
2
tailscale.com
2
github.com/go-vela/worker
2
github.com/projectcapsule/capsule-proxy
2
github.com/zalando/skipper
2
github.com/jackc/pgx
2
github.com/jackc/pgproto3
2
github.com/theupdateframework/go-tuf
2
github.com/sajari/docconv
2
code.sajari.com/docconv
2
github.com/go-jose/go-jose/v3
2
github.com/jaegertracing/jaeger
2
github.com/dvsekhvalnov/jose2go
2
github.com/edgelesssys/marblerun
2
github.com/brokercap/Bifrost
2
github.com/edgexfoundry/app-functions-sdk-go/v2
2
github.com/prometheus/prometheus
2
github.com/flynn/noise
2
github.com/talos-systems/talos
2
github.com/multiversx/mx-chain-go
2
github.com/cosmos/ethermint
2
github.com/elastic/beats
2
github.com/apptainer/apptainer
2
github.com/ulikunitz/xz
2
github.com/IceWhaleTech/CasaOS
2
Filter by Repository
https://github.com/usememos/memos
59
https://github.com/kubernetes/kubernetes
48
https://github.com/argoproj/argo-cd
37
https://github.com/answerdev/answer
34
https://github.com/go-gitea/gitea
31
https://github.com/rancher/rancher
25
https://github.com/grafana/grafana
21
https://github.com/cilium/cilium
20
https://github.com/gogs/gogs
20
https://github.com/hashicorp/consul
19
https://github.com/helm/helm
19
https://github.com/hashicorp/vault
16
https://github.com/etcd-io/etcd
16
https://github.com/ethereum/go-ethereum
16
https://github.com/goharbor/harbor
15
https://github.com/mattermost/mattermost
14
https://github.com/moby/moby
14
https://github.com/traefik/traefik
13
https://github.com/hashicorp/nomad
13
https://github.com/containerd/containerd
13
https://github.com/golang/go
13
https://github.com/opencontainers/runc
11
https://github.com/openfga/openfga
11
https://github.com/zitadel/zitadel
11
https://github.com/containers/podman
11
https://github.com/1Panel-dev/1Panel
11
https://github.com/cloudflare/cfrpki
11
https://github.com/nats-io/nats-server
10
https://github.com/greenpau/caddy-security
10
https://github.com/cri-o/cri-o
9
https://github.com/cosmos/cosmos-sdk
9
https://github.com/istio/istio
8
https://github.com/kubeedge/kubeedge
8
https://github.com/pterodactyl/wings
8
https://github.com/pomerium/pomerium
8
https://github.com/docker/docker
8
https://github.com/kubernetes/ingress-nginx
7
https://github.com/beego/beego
7
https://github.com/hashicorp/go-getter
7
https://github.com/google/fscrypt
7
https://github.com/hpcng/singularity
7
https://github.com/schollz/croc
6
https://github.com/sigstore/cosign
6
https://github.com/pion/dtls
6
https://github.com/moby/buildkit
6
https://github.com/hyperledger/fabric
6
https://github.com/treeverse/lakeFS
6
https://github.com/gravitl/netmaker
6
https://github.com/authzed/spicedb
6
https://github.com/containers/buildah
6
https://github.com/fluxcd/flux2
6
https://github.com/cubefs/cubefs
6
https://github.com/0xJacky/nginx-ui
5
https://github.com/argoproj/argo-workflows
5
https://github.com/russellhaering/gosaml2
5
https://github.com/cometbft/cometbft
5
https://github.com/crewjam/saml
5
https://github.com/foxcpp/maddy
5
https://github.com/free5gc/free5gc
5
https://github.com/gofiber/fiber
5
https://github.com/gophish/gophish
5
https://github.com/kyverno/kyverno
5
https://github.com/IBAX-io/go-ibax
5
https://github.com/ipfs/go-ipfs
5
https://github.com/tendermint/tendermint
5
https://github.com/containous/traefik
4
https://github.com/ory/fosite
4
https://github.com/grafana/bugbounty
4
https://github.com/concourse/concourse
4
https://github.com/open-policy-agent/opa
4
https://github.com/tidwall/gjson
4
https://github.com/stacklok/minder
4
https://github.com/casdoor/casdoor
4
https://github.com/IceWhaleTech/CasaOS-UserService
4
https://github.com/oauth2-proxy/oauth2-proxy
4
https://github.com/git-lfs/git-lfs
4
https://github.com/siderolabs/talos
4
https://github.com/gin-gonic/gin
4
https://github.com/aws/aws-sdk-go
4
https://github.com/dexidp/dex
4
https://github.com/dhowden/tag
4
https://github.com/kubevirt/kubevirt
4
https://github.com/nats-io/jwt
4
https://github.com/arduino/arduino-create-agent
4
https://github.com/lestrrat-go/jwx
4
https://github.com/edgelesssys/constellation
3
https://github.com/open-telemetry/opentelemetry-go-contrib
3
https://github.com/ElrondNetwork/elrond-go
3
https://github.com/ory/oathkeeper
3
https://github.com/evmos/evmos
3
https://github.com/flipped-aurora/gin-vue-admin
3
https://github.com/flyteorg/flyteadmin
3
https://github.com/u-root/u-root
3
https://github.com/phachon/mm-wiki
3
https://github.com/vitessio/vitess
3
https://github.com/gogits/gogs
3
https://github.com/go-vela/server
3
https://github.com/openshift/origin
3
https://github.com/go-yaml/yaml
3
https://github.com/tiagorlampert/CHAOS
3
https://github.com/heketi/heketi
3
https://github.com/ipfs/boxo
3
https://github.com/kiali/kiali
3
https://github.com/KubeOperator/KubePi
3
https://github.com/tailscale/tailscale
3
https://github.com/navidrome/navidrome
3
https://github.com/kubernetes-sigs/secrets-store-csi-driver
3
https://github.com/syncthing/syncthing
3
https://github.com/libp2p/go-libp2p
3
https://github.com/sylabs/singularity
3
https://github.com/moby/libnetwork
3
https://github.com/square/go-jose
3
https://github.com/alist-org/alist
3
https://github.com/apache/trafficcontrol
3
https://github.com/artifacthub/hub
3
https://github.com/authelia/authelia
3
https://github.com/caddyserver/caddy
3
https://github.com/cheqd/cheqd-node
3
https://github.com/Consensys/gnark
3
https://github.com/coredns/coredns
3
https://github.com/cortexproject/cortex
3
https://github.com/weaveworks/weave-gitops
3
https://github.com/crossplane/crossplane
3
https://github.com/quic-go/quic-go
3
https://github.com/minio/minio
3
https://github.com/dutchcoders/transfer.sh
3
https://github.com/zalando/skipper
2
https://github.com/argoproj/argo-events
2
https://github.com/ecnepsnai/web
2
https://github.com/atredispartners/advisories
2
https://github.com/envoyproxy/envoy
2
https://github.com/bitly/oauth2_proxy
2
https://github.com/temporalio/temporal
2
https://github.com/kitabisa/teler-waf
2
https://github.com/kitabisa/teler
2
https://github.com/bottlerocket-os/bottlerocket
2
https://github.com/jackc/pgproto3
2
https://github.com/ipld/go-codec-dagpb
2
https://github.com/brokercap/Bifrost
2
https://github.com/buger/jsonparser
2
https://github.com/bytebase/bytebase
2
https://github.com/influxdata/influxdb
2
https://github.com/apptainer/apptainer
2
https://github.com/labring/sealos
2
https://github.com/labstack/echo
2
https://github.com/elastic/beats
2
https://github.com/edgelesssys/marblerun
2
https://github.com/lightningnetwork/lnd
2
https://github.com/Masterminds/goutils
2
https://github.com/1Panel-dev/KubePi
2
https://github.com/mattermost/mattermost-plugin-jira
2
https://github.com/mellium/xmpp
2
https://github.com/mholt/archiver
2
https://github.com/microcosm-cc/bluemonday
2
https://github.com/miekg/dns
2
https://github.com/zinclabs/zinc
2
https://github.com/distribution/distribution
2
https://github.com/drakkan/sftpgo
2
https://github.com/crypto-org-chain/cronos
2
https://github.com/go-git/go-git
2
https://github.com/flynn/noise
2
https://github.com/fluid-cloudnative/fluid
2
https://github.com/cosmos/ethermint
2
https://github.com/gohugoio/hugo
2
https://github.com/go-jose/go-jose
2
https://github.com/golang/crypto
2
https://github.com/unknwon/cae
2
https://github.com/google/exposure-notifications-verification-server
2
https://github.com/ulikunitz/xz
2
https://github.com/coreos/etcd
2
https://github.com/fleetdm/fleet
2
https://github.com/gotify/server
2
https://github.com/woodpecker-ci/woodpecker
2
https://github.com/containers/libpod
2
https://github.com/Consensys/gnark-crypto
2
https://github.com/gphper/ginadmin
2
https://github.com/fkie-cad/yapscan
2
https://github.com/codenotary/immudb
2
https://github.com/cloudflare/cloudflared
2
https://github.com/cloudflare/circl
2
https://github.com/hashicorp/terraform
2
https://github.com/facebook/fbthrift
2
https://github.com/heroiclabs/nakama
2
https://github.com/theupdateframework/go-tuf
2
https://github.com/IceWhaleTech/CasaOS
2
https://github.com/dvsekhvalnov/jose2go
2
https://github.com/imgproxy/imgproxy
2
https://github.com/minio/console
2
https://github.com/stripe/smokescreen
2
https://github.com/peterzen/goresolver
2
https://github.com/pingcap/tidb
2
https://github.com/multiversx/mx-chain-go
2
https://github.com/Netflix/security-bulletins
2
https://github.com/mutagen-io/mutagen
2
https://github.com/ntbosscher/gobase
2
https://github.com/netlify/gotrue
2
https://github.com/projectdiscovery/nuclei
2
https://github.com/sigstore/rekor
2
https://github.com/rancher/wrangler
2