Browse Security Advisories
Security Advisories for github.com/zitadel/zitadel in go Clear Filters
High
2 months ago
ZITADEL Allows Account Takeover via Malicious X-Forwarded-Proto Header Injection
go
github.com/zitadel/zitadel/v2, github.com/zitadel/zitadel
Critical
5 months ago
IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations
go
github.com/zitadel/zitadel, github.com/zitadel/zitadel/v2
Moderate
9 months ago
Denied Host Validation Bypass in Zitadel Actions
go
github.com/zitadel/zitadel
Moderate
about 1 year ago
ZITADEL "ignoring unknown usernames" vulnerability
go
github.com/zitadel/zitadel
Moderate
about 1 year ago
ZITADEL has improper HTML sanitization in emails and Console UI
go
github.com/zitadel/zitadel
Moderate
about 1 year ago
ZITADEL Vulnerable to Session Information Leakage
go
github.com/zitadel/zitadel
Moderate
over 1 year ago
Zitadel exposing internal database user name and host information
go
github.com/zitadel/zitadel
High
over 1 year ago
ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass
go
github.com/zitadel/zitadel
High
over 1 year ago
ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass
go
github.com/zitadel/zitadel
High
over 1 year ago
Account Takeover via Session Fixation in Zitadel [Bypassing MFA]
go
github.com/zitadel/zitadel
High
over 1 year ago
ZITADEL Account Takeover via Malicious Host Header Injection
go
github.com/zitadel/zitadel
High
over 1 year ago
ZITADEL race condition in lockout policy execution
go
github.com/zitadel/zitadel
Moderate
almost 2 years ago
ZITADEL's password reset does not respect the "Ignoring unknown usernames" setting
go
github.com/zitadel/zitadel
Moderate
over 2 years ago
Zitadel RefreshToken invalidation vulnerability
go
github.com/zitadel/zitadel
Filter by Severity
Filter by Ecosystem
maven
6,666
packagist
5,357
pypi
4,846
npm
4,195
go
2,803
nuget
1,702
cargo
1,067
rubygems
919
hex
37
swift
35
actions
32
pub
10
Filter by Package
github.com/mattermost/mattermost/server/v8
115
github.com/usememos/memos
66
github.com/grafana/grafana
56
github.com/rancher/rancher
44
k8s.io/kubernetes
41
github.com/hashicorp/vault
40
github.com/mattermost/mattermost-server/v6
39
github.com/answerdev/answer
34
gogs.io/gogs
33
github.com/argoproj/argo-cd
31
github.com/docker/docker
31
github.com/hashicorp/nomad
31
github.com/argoproj/argo-cd/v2
31
github.com/cilium/cilium
31
github.com/mattermost/mattermost-server
29
github.com/hashicorp/consul
29
github.com/traefik/traefik/v2
24
github.com/goharbor/harbor
21
github.com/ethereum/go-ethereum
21
golang.org/x/net
20
code.gitea.io/gitea
20
helm.sh/helm/v3
19
github.com/zitadel/zitadel
19
github.com/openfga/openfga
16
github.com/traefik/traefik/v3
16
github.com/nats-io/nats-server/v2
15
github.com/containerd/containerd
15
github.com/cosmos/cosmos-sdk
13
github.com/opencontainers/runc
13
github.com/traefik/traefik
12
github.com/go-gitea/gitea
12
github.com/cri-o/cri-o
12
k8s.io/ingress-nginx
12
github.com/1Panel-dev/1Panel
12
github.com/ollama/ollama
12
github.com/pomerium/pomerium
11
golang.org/x/crypto
11
github.com/filebrowser/filebrowser/v2
11
github.com/cloudflare/cfrpki
11
github.com/beego/beego/v2
10
github.com/greenpau/caddy-security
10
github.com/containers/podman/v4
10
github.com/cometbft/cometbft
10
github.com/kyverno/kyverno
10
github.com/authzed/spicedb
10
github.com/moby/moby
10
github.com/juju/juju
9
github.com/kubernetes/kubernetes
9
github.com/sylabs/singularity
9
github.com/navidrome/navidrome
9
github.com/apache/incubator-answer
9
github.com/filebrowser/filebrowser
9
github.com/beego/beego
9
go.etcd.io/etcd/v3
8
github.com/casdoor/casdoor
8
github.com/stacklok/minder
8
github.com/kubeedge/kubeedge
8
github.com/treeverse/lakefs
8
github.com/mattermost/mattermost-server/v5
8
github.com/pterodactyl/wings
8
istio.io/istio
8
github.com/containers/buildah
8
github.com/hashicorp/go-getter
8
github.com/coredns/coredns
7
github.com/google/fscrypt
7
helm.sh/helm
7
github.com/minio/minio
7
github.com/gofiber/fiber/v2
7
github.com/hyperledger/fabric
7
github.com/open-policy-agent/opa
6
kubevirt.io/kubevirt
6
github.com/lf-edge/ekuiper
6
github.com/consensys/gnark
6
github.com/pion/dtls
6
github.com/gophish/gophish
6
github.com/sigstore/cosign
6
github.com/fluxcd/flux2
6
github.com/apache/trafficcontrol
6
github.com/containers/podman/v3
6
github.com/gravitl/netmaker
6
github.com/CosmWasm/wasmvm
6
github.com/cubefs/cubefs
6
github.com/argoproj/argo-workflows/v3
6
github.com/hashicorp/go-getter/v2
5
github.com/quic-go/quic-go
5
github.com/schollz/croc/v9
5
github.com/siyuan-note/siyuan/kernel
5
github.com/cheqd/cheqd-node
5
github.com/kiali/kiali
5
github.com/IBAX-io/go-ibax
5
github.com/KubeOperator/kubepi
5
github.com/gin-gonic/gin
5
github.com/bnb-chain/tss-lib
5
github.com/osrg/gobgp/v3
5
github.com/snapcore/snapd
5
github.com/foxcpp/maddy
5
github.com/russellhaering/gosaml2
5
github.com/alist-org/alist/v3
5
github.com/git-lfs/git-lfs
5
github.com/CosmWasm/wasmvm/v2
5
github.com/zitadel/zitadel/v2
5
github.com/ipfs/go-ipfs
5
github.com/russellhaering/goxmldsig
5
github.com/owncast/owncast
5
github.com/drakkan/sftpgo/v2
5
github.com/lf-edge/ekuiper/v2
5
cosmwasm-vm
5
github.com/t2bot/matrix-media-repo
5
github.com/nats-io/jwt
5
github.com/CosmWasm/wasmd
5
github.com/tendermint/tendermint
5
github.com/0xJacky/Nginx-UI
5
go.etcd.io/etcd
5
github.com/containers/podman
5
github.com/moby/buildkit
5
github.com/pion/dtls/v2
5
github.com/fluxcd/kustomize-controller
5
github.com/ory/fosite
4
github.com/lestrrat-go/jwx/v2
4
github.com/crossplane/crossplane
4
github.com/free5gc/free5gc
4
github.com/cosmos/ibc-go/v3
4
github.com/cosmos/ibc-go
4
github.com/dhowden/tag
4
github.com/go-git/go-git/v5
4
github.com/cortexproject/cortex
4
github.com/cli/cli/v2
4
github.com/aws/aws-sdk-go
4
github.com/go-vela/server
4
golang.org/x/net/http2
4
github.com/mattermost/mattermost
4
github.com/cosmos/ibc-go/v6
4
github.com/mholt/archiver
4
github.com/evmos/evmos/v11
4
github.com/cosmos/ibc-go/v2
4
github.com/projectcalico/calico
4
github.com/evmos/evmos/v16
4
github.com/hashicorp/go-getter/gcs/v2
4
gopkg.in/src-d/go-git.v4
4
vitess.io/vitess
4
github.com/authelia/authelia/v4
4
github.com/evmos/evmos/v7
4
github.com/tidwall/gjson
4
github.com/cosmos/ibc-go/v4
4
github.com/containers/podman/v2
4
github.com/hashicorp/boundary
4
github.com/IceWhaleTech/CasaOS-UserService
4
github.com/hashicorp/go-getter/s3/v2
4
github.com/lightningnetwork/lnd
4
github.com/layer5io/meshery
4
github.com/containers/podman/v5
4
github.com/evmos/evmos/v13
4
github.com/concourse/concourse
4
github.com/evmos/evmos/v6
4
github.com/cosmos/ibc-go/v7
4
github.com/binance-chain/tss-lib
4
github.com/arduino/arduino-create-agent
4
github.com/cosmos/ibc-go/v5
4
golang.org/x/image
4
github.com/notaryproject/notation-go
4
github.com/dexidp/dex
4
github.com/osrg/gobgp
4
github.com/oauth2-proxy/oauth2-proxy
4
github.com/crewjam/saml
4
github.com/karmada-io/karmada
4
github.com/lestrrat-go/jwx
4
github.com/artifacthub/hub
3
github.com/evmos/evmos/v9
3
github.com/babylonlabs-io/babylon
3
github.com/ElrondNetwork/elrond-go
3
github.com/notaryproject/notation
3
github.com/gohugoio/hugo
3
github.com/syncthing/syncthing
3
goauthentik.io
3
github.com/evmos/evmos/v14
3
github.com/libp2p/go-libp2p
3
golang.org/x/text
3
github.com/gofiber/fiber
3
go.etcd.io/etcd/client/v3
3
github.com/cosmos/ibc-go/v8
3
github.com/flyteorg/flyteadmin
3
github.com/argoproj/argo-events
3
github.com/IceWhaleTech/CasaOS
3
github.com/clidey/whodb/core
3
github.com/go-skynet/LocalAI
3
github.com/crypto-org-chain/cronos
3
github.com/containerd/containerd/v2
3
github.com/plentico/plenti
3
github.com/miekg/dns
3
github.com/tiagorlampert/CHAOS
3
github.com/phachon/mm-wiki
3
github.com/edgelesssys/marblerun
3
zotregistry.dev/zot
3
github.com/canonical/lxd
3
github.com/oauth2-proxy/oauth2-proxy/v7
3
github.com/edgelesssys/constellation/v2
3
k8s.io/client-go
3
github.com/edgelesssys/contrast
3
github.com/pingcap/tidb
3
github.com/square/go-jose
3