Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS14ODRjLXAyZzktcnF2Oc4AA7ME
IPv6 enabled on IPv4-only network interfaces
Ecosystems: go
Packages: github.com/docker/docker
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: 1 day ago
Low
GSA_kwCzR0hTQS02bTloLTJwcjItOWo4Zs4AA7Lw
1Panel's password verification is suspected to have a timing attack vulnerability
Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS1tOTljLXEyNnItbTdtN84AA7I6
Evmos vulnerable to unauthorized account creation with vesting module
Ecosystems: go
Packages: github.com/evmos/evmos/v13, github.com/evmos/evmos/v13/x/vesting
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 days ago
Critical
GSA_kwCzR0hTQS12NnJ3LWhoZ2ctd2M0eM4AA7I5
Evmos vulnerable to DOS and transaction fee expropiation through Authz exploit
Ecosystems: go
Packages: github.com/evmos/evmos/v11
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 days ago
High
GSA_kwCzR0hTQS04Y3BoLW02ODUtNnY2cs4AA7DZ
OpenFGA Authorization Bypass
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS0yZ3Z3LXc2ZmotN20zY84AA7Bd
Argo CD's API server does not enforce project sourceNamespaces
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS03ZjRqLTY0cDYtNWg1ds4AA7BQ
Traefik affected by HTTP/2 CONTINUATION flood in net/http
Ecosystems: go
Packages: github.com/traefik/traefik/v3, github.com/traefik/traefik/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 days ago
High
GSA_kwCzR0hTQS1nOGZjLXZyY2ctOHZqZ84AA7BP
Constallation has pods exposed to peers in VPC
Ecosystems: go
Packages: github.com/edgelesssys/constellation/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 days ago
High
GSA_kwCzR0hTQS00dnd4LTU0bXctdnFmd84AA69W
Traefik vulnerable to denial of service with Content-length header
Ecosystems: go
Packages: github.com/traefik/traefik, github.com/traefik/traefik/v2, github.com/traefik/traefik/v3
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 7 days ago
Moderate
GSA_kwCzR0hTQS1nOXF4LTI1dmotcmY1M84AA69T
Apache Solr Operator liveness and readiness probes may leak basic auth credentials
Ecosystems: go
Packages: github.com/apache/solr-operator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Moderate
GSA_kwCzR0hTQS1jNXJ2LWhqamMtanY3bc4AA68X
tiagorlampert CHAOS vulnerable to Cross Site Scripting
Ecosystems: go
Packages: github.com/tiagorlampert/CHAOS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
High
GSA_kwCzR0hTQS1wM2o2LWY0NWgtaHc1Zs4AA68J
tiagorlampert CHAOS vulnerable to command injections
Ecosystems: go
Packages: github.com/tiagorlampert/CHAOS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Moderate
GSA_kwCzR0hTQS05NXByLWZ4ZjUtODZnds4AA67e
Cosign malicious artifacts can cause machine-wide DoS
Ecosystems: go
Packages: github.com/sigstore/cosign/v2, github.com/sigstore/cosign
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: 8 days ago
Moderate
GSA_kwCzR0hTQS04OGp4LTM4M3EtdzRxY84AA67d
Cosign malicious attachments can cause system-wide denial of service
Ecosystems: go
Packages: github.com/sigstore/cosign/v2, github.com/sigstore/cosign
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: 8 days ago
Low
GSA_kwCzR0hTQS1qODVxLTQ2aGctMzZwMs4AA658
SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used
Ecosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 9 days ago
Critical
GSA_kwCzR0hTQS0zZnA1LTJ4d2gtZnhtNs4AA657
Evmos transaction execution not accounting for all state transition after interaction with precompiles
Ecosystems: go
Packages: github.com/tharsis/evmos/v5, github.com/tharsis/evmos/v4, github.com/tharsis/evmos/v3, github.com/tharsis/evmos/v2, github.com/tharsis/evmos, github.com/evmos/evmos/v5, github.com/evmos/evmos/v6, github.com/evmos/evmos/v7, github.com/evmos/evmos/v16
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 9 days ago
Critical
GSA_kwCzR0hTQS13eDQzLWc1NWctMmpmNM4AA64K
LocalAI Command Injection in audioToWav
Ecosystems: go
Packages: github.com/go-skynet/LocalAI
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
Low
GSA_kwCzR0hTQS1qNXZtLTdxY2MtMnd3Z84AA63w
Kopia: Storage connection credentials written to console on "repository status" CLI command with JSON output
Ecosystems: go
Packages: github.com/kopia/kopia
Source: GitHub Advisory Database
Blast Radius: 3.2
Published: 9 days ago
High
GSA_kwCzR0hTQS1ndjN3LW01N3AtM3djNM4AA6wY
gin-vue-admin background arbitrary code coverage vulnerability
Ecosystems: go
Packages: github.com/flipped-aurora/gin-vue-admin/server
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: 10 days ago
Moderate
GSA_kwCzR0hTQS1nZ3A1LTI4eDQteGNqOc4AA6wX
Minder GetRepositoryByName data leak
Ecosystems: go
Packages: github.com/stacklok/minder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 days ago
High
GSA_kwCzR0hTQS01ang1LWhxeDUtMnZyas4AA6uv
Ollama DNS rebinding vulnerability
Ecosystems: go
Packages: github.com/ollama/ollama
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 days ago
Moderate
GSA_kwCzR0hTQS1yaGg0LXJoN2MtN3I1ds4AA6r1
Archiver Path Traversal vulnerability
Ecosystems: go
Packages: github.com/mholt/archiver, github.com/mholt/archiver/v3
Source: GitHub Advisory Database
Blast Radius: 21.1
Published: 13 days ago
Moderate
GSA_kwCzR0hTQS02N3J2LXFwdzItNnFycs4AA6qo
Grafana: Users outside an organization can delete a snapshot with its key
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 14 days ago
Critical
GSA_kwCzR0hTQS1qNDk2LWNyZ2gtMzRteM4AA6qW
ibc-go: Potential Reentrancy using Timeout Callbacks in ibc-hooks
Ecosystems: go
Packages: github.com/cosmos/ibc-go, github.com/cosmos/ibc-go/v2, github.com/cosmos/ibc-go/v3, github.com/cosmos/ibc-go/v8, github.com/cosmos/ibc-go/v7, github.com/cosmos/ibc-go/v6, github.com/cosmos/ibc-go/v5, github.com/cosmos/ibc-go/v4
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: 14 days ago
Moderate
GSA_kwCzR0hTQS00Njg1LTJ4NXItNjVwas4AA6qH
Pebble service manager's file pull API allows access by any user
Ecosystems: go
Packages: github.com/canonical/pebble
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: 15 days ago
Moderate
GSA_kwCzR0hTQS1tY3c2LTMyNTYtNjRnZ84AA6qB
Mattermost Server doesn't limit the number of user preferences
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 15 days ago
Moderate
GSA_kwCzR0hTQS13cDQzLXZwcmgtYzN3Nc4AA6qC
Mattermost fails to authenticate the source of certain types of post actions
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 15 days ago
Moderate
GSA_kwCzR0hTQS13Njd2LXBoNHgtZjQ4cc4AA6p_
Mattermost Server Improper Access Control
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 15 days ago
Low
GSA_kwCzR0hTQS14cDlqLThwNjgtOXE5M84AA6p2
Mattermost Server Improper Access Control
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 15 days ago
Moderate
GSA_kwCzR0hTQS00djd4LXBxeGYtY3g3bc4AA6pf
net/http, x/net/http2: close connections when receiving too many headers
Ecosystems: go
Packages: golang.org/x/net, net/http, golang.org/x/net/http2
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: 15 days ago
Moderate
GSA_kwCzR0hTQS1qMnJwLWdtcXYtZnJods4AA6pX
HashiCorpVault does not correctly validate OCSP responses
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 21.5
Published: 15 days ago
Moderate
GSA_kwCzR0hTQS13bXhjLXYzOXItcDl3Zs4AA6nq
Temporal Server Denial of Service
Ecosystems: go
Packages: github.com/temporalio/temporal
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 16 days ago
Moderate
GSA_kwCzR0hTQS12amhmLTZ4ZnItNXA5Z84AA6lt
KubeVirt NULL pointer dereference flaw
Ecosystems: go
Packages: kubevirt.io/kubevirt
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: 17 days ago
Moderate
GSA_kwCzR0hTQS04ZjI1LXc3cWotcjdoY84AA6i3
Temporal UI Server cross-site scripting vulnerability
Ecosystems: go
Packages: github.com/temporalio/ui-server/v2
Source: GitHub Advisory Database
Blast Radius: 1.3
Published: 17 days ago
Moderate
GSA_kwCzR0hTQS1od3Z3LWdoMjMtcXB2cc4AA6ix
CA17 TeamsACS Cross Site Scripting vulnerability
Ecosystems: go
Packages: github.com/ca17/teamsacs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 18 days ago
High
GSA_kwCzR0hTQS1jMzN4LXhxcmYtYzQ3OM4AA6ir
QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack
Ecosystems: go
Packages: github.com/quic-go/quic-go
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: 18 days ago
Moderate
GSA_kwCzR0hTQS1qaHZmLTdjODUtM2M5Z84AA6gZ
LocalAI cross-site request forgery vulnerability
Ecosystems: go
Packages: github.com/go-skynet/LocalAI
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 18 days ago
Moderate
GSA_kwCzR0hTQS1oY3cyLTJyOWMtZ2M2cM4AA6gM
CasaOS Username Enumeration - Bypass of CVE-2024-24766
Ecosystems: go
Packages: github.com/IceWhaleTech/CasaOS-UserService
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 19 days ago
Moderate
GSA_kwCzR0hTQS1qaHd4LW1od3ctcmdjM84AA6dx
ArgoCD's repo server has Uncontrolled Resource Consumption vulnerability
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 21 days ago
High
GSA_kwCzR0hTQS04NzR2LXBqNzItOTJmM84AA6ay
Podman affected by CVE-2024-1753 container escape at build time
Ecosystems: go
Packages: github.com/containers/podman/v5, github.com/containers/podman/v4
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 22 days ago
High
GSA_kwCzR0hTQS1wd3FtLXg1eDYtNTU4Ns4AA6au
Cilium has insecure IPsec transport encryption
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 22 days ago
High
GSA_kwCzR0hTQS1ocjV3LWN3d3EtMnY0bc4AA6as
ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 22 days ago
Moderate
GSA_kwCzR0hTQS1ncDhnLWY0MmYtOTVxMs4AA6ar
ZITADEL's actions can overload reserved claims
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 22 days ago
High
GSA_kwCzR0hTQS03OGh4LWdwNmctN21qNs4AA6LJ
Memory leaks in code encrypting and verifying RSA payloads
Ecosystems: go
Packages: github.com/microsoft/go-crypto-openssl/openssl, github.com/golang-fips/openssl/v2, github.com/microsoft/go-crypto-openssl, github.com/golang-fips/openssl/openssl, github.com/golang-fips/go
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1tcTM5LTRndjQtbXZweM4AA6LH
Moby's external DNS requests from 'internal' networks could lead to data exfiltration
Ecosystems: go
Packages: github.com/docker/docker
Source: GitHub Advisory Database
Blast Radius: 27.2
Published: about 1 month ago
High
GSA_kwCzR0hTQS1wbWYzLWMzNm0tZzVjZs4AA6JC
Container escape at build time
Ecosystems: go
Packages: github.com/containers/buildah
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1oZnJnLTRqd3ItamZwas4AA6Gn
Improper HTML sanitization in ZITADEL
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS12NnEyLTRxcjMtNWN3Ns4AA6Gm
Unencrypted traffic between nodes when using WireGuard and L7 policies
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1qODloLXFydnIteGMzNs4AA6Gl
Unencrypted traffic between nodes when using IPsec and L7 policies
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: about 1 month ago
High
GSA_kwCzR0hTQS02OG1qLTlwanEtbWM4Nc4AA6Gk
Intermittent HTTP policy bypass
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS0ydmdnLTloNnctbTQ1NM4AA6Gi
Bypassing Rate Limit and Brute Force Protection Using Cache Overflow
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: about 1 month ago
High
GSA_kwCzR0hTQS02djg1LXdyOTItcTRwN84AA6Gh
Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS14MzJtLW12ZmotNTJ4ds4AA6Fg
Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: about 1 month ago
High
GSA_kwCzR0hTQS00amhqLTNndjMtYzNncs4AA6CS
CLI for Vela Insecure Variable Substitution
Ecosystems: go
Packages: github.com/go-vela/cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS12OG14LWhwMnEtZ3c4Nc4AA6CR
Golang SDK for Vela Insecure Variable Substitution
Ecosystems: go
Packages: github.com/go-vela/sdk-go
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: about 1 month ago
High
GSA_kwCzR0hTQS02OXA0LWo1djUteDIzNM4AA6CQ
Server/API for Vela Insecure Variable Substitution
Ecosystems: go
Packages: github.com/go-vela/server
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS03djM4LXczMm0td3g0bc4AA6CP
Types for Vela Insecure Variable Substitution
Ecosystems: go
Packages: github.com/go-vela/types
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1qd3Y1LThtcXYtZzM4N84AA6CM
Cross-site scripting on application summary component
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: about 1 month ago
High
GSA_kwCzR0hTQS13NXd4LTZnMnItcjc4cc4AA6CJ
Nuclei allows unsigned code template execution through workflows
Ecosystems: go
Packages: github.com/projectdiscovery/nuclei/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS00OTRoLTk5MjQteHd3Oc4AA6B3
Pterodactyl Wings vulnerable to improper isolation of server file access
Ecosystems: go
Packages: github.com/pterodactyl/wings
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS13eDhxLTRnbTktcmoyZ84AA6B0
Fluid vulnerable to OS Command Injection for Fluid Users with JuicefsRuntime
Ecosystems: go
Packages: github.com/fluid-cloudnative/fluid
Source: GitHub Advisory Database
Blast Radius: 1.9
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1nNjIzLWpjZ2ctbWhtbc4AA6Bz
Users with `create` but not `override` privileges can perform local sync
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 1 month ago
High
GSA_kwCzR0hTQS1wd3g1LTZ3eGctcHg1aM4AA6Ac
Insecure Variable Substitution in Vela
Ecosystems: go
Packages: github.com/go-vela/worker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS05NXJ4LW05bTUtbTk0ds4AA56u
ASA-2024-006: ValidateVoteExtensions helper function in Cosmos SDK may allow incorrect voting power assumptions
Ecosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: about 1 month ago
High
GSA_kwCzR0hTQS1tcTR4LXIydzMtajdtcs4AA54b
Account Takeover via Session Fixation in Zitadel [Bypassing MFA]
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS14MnZnLTV3cmYtdmo2ds4AA53Z
1Panel is vulnerable to command injection
Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1oajN2LW02ODQtdjI1Oc4AA52y
JWX vulnerable to a denial of service attack using compressed JWE message
Ecosystems: go
Packages: github.com/lestrrat-go/jwx, github.com/lestrrat-go/jwx/v2
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1jNXEyLTdyNGMtbXY2Z84AA51M
Go JOSE vulnerable to Improper Handling of Highly Compressed Data (Data Amplification)
Ecosystems: go
Packages: gopkg.in/go-jose/go-jose.v2, github.com/go-jose/go-jose/v3, github.com/go-jose/go-jose/v4
Source: GitHub Advisory Database
Blast Radius: 14.4
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS01bXhmLTQyZjUtajc4Ms4AA503
Grafana's users with permissions to create a data source can CRUD all data sources
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS01cGY2LTJxd3gtcHhtMs4AA5zw
Go SDK for CloudEvents's use of WithRoundTripper to create a Client leaks credentials
Ecosystems: go
Packages: github.com/cloudevents/sdk-go/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS0yNnczLXE0ajgtNHhqcM4AA5zI
1Panel open source panel project has an unauthorized vulnerability.
Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1jNjl4LTV4bXctdjQ0eM4AA5zG
CasaOS Improper Restriction of Excessive Authentication Attempts vulnerability
Ecosystems: go
Packages: github.com/IceWhaleTech/CasaOS-UserService
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1jOTY3LTI2NTItZ2Zqbc4AA5zF
CasaOS Username Enumeration
Ecosystems: go
Packages: github.com/IceWhaleTech/CasaOS-UserService
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1oNWdmLWNtbTgtY2c3Y84AA5zE
CasaOS-UserService allows unauthorized access to any file
Ecosystems: go
Packages: github.com/IceWhaleTech/CasaOS-UserService
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04cjNmLTg0NGMtbWMzN84AA5yO
Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON
Ecosystems: go
Packages: google.golang.org/protobuf/internal/encoding/json, google.golang.org/protobuf/encoding/protojson, google.golang.org/protobuf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS12NjI3LTY5djIteHgzN84AA5xb
`GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user
Ecosystems: go
Packages: github.com/stacklok/minder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS1yM3c3LW1mcG0tYzJ2d84AA5wI
Incorrect TLS certificate auth method in Vault
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: about 2 months ago
High
GSA_kwCzR0hTQS03Y2MyLXI2NTgtN3hwZs4AA5wH
Coder's OIDC authentication allows email with partially matching domain to register
Ecosystems: go
Packages: github.com/coder/coder, github.com/coder/coder/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS03andoLTN2cnEtcTNtOM4AA5wG
pgproto3 SQL Injection via Protocol Message Size Overflow
Ecosystems: go
Packages: github.com/jackc/pgx/v5, github.com/jackc/pgx/v4, github.com/jackc/pgproto3/v2, github.com/jackc/pgproto3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1tcnd3LTI3dmMtZ2dods4AA5wA
pgx SQL Injection via Protocol Message Size Overflow
Ecosystems: go
Packages: github.com/jackc/pgx/v5, github.com/jackc/pgx/v4, github.com/jackc/pgproto3/v2, github.com/jackc/pgproto3, github.com/jackc/pgx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1mZ3h2LWd3NTUtcjVmcc4AA5wB
Authorization Bypass Through User-Controlled Key in go-zero
Ecosystems: go
Packages: github.com/zeromicro/go-zero
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1tN3dyLTJ4ZjctY205cM4AA5v_
pgx SQL Injection via Line Comment Creation
Ecosystems: go
Packages: github.com/jackc/pgx/v4, github.com/jackc/pgx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1qdzQ0LTRmM2otcTM5Ns4AA5uc
Helm shows secrets in clear text
Ecosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS1oM203LXJxYzQtN2g5cM4AA5sZ
Integer overflow in chunking helper causes dispatching to miss elements or panic
Ecosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS12bTltLTU3anItNHB4aM4AA5qH
Mattermost fails to limit the number of role names
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
GSA_kwCzR0hTQS0zZzM1LXY1M3ItZ3B4Y84AA5qJ
Mattermost race condition
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
GSA_kwCzR0hTQS1yNGZtLWc2NWgtY3I1NM4AA5qG
Mattermost incorrectly allows access individual posts
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1od2pmLTQ2NjctZ3F3eM4AA5qF
Mattermost allows attackers access to posts in channels they are not a member of
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS03djN2LTk4NHYtaDc0cs4AA5p_
Mattermost leaks details of AD/LDAP groups of a teams
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS02bXgzLTlxZmgtNzdnas4AA5qA
Mattermost denial of service through long emoji value
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1meDQ4LXh2NnEtNmdwM84AA5p9
Mattermost post fetching without auditing in compliance export
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1wZnc2LTVyeDMteGgzY84AA5p-
Mattermost fails to check the "invite_guest" permission
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
GSA_kwCzR0hTQS14Z3hqLWo5OGMtNTlyds4AA5p6
Mattermost fails to properly restrict the access of files attached to posts
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS00OXc3LTVyMzMtam05bc4AA5ok
http-swagger XSS via PUT requests
Ecosystems: go
Packages: github.com/swaggo/http-swagger
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS02Mjk0LTZyZ3AtZnI3cs4AA5mt
jose2go vulnerable to denial of service via large p2c value
Ecosystems: go
Packages: github.com/dvsekhvalnov/jose2go
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
GSA_kwCzR0hTQS01NTVwLW00djYtY3F4ds4AA5lr
ASA-2024-004: Default configuration param for Evidence may limit window of validity
Ecosystems: go
Packages: github.com/cometbft/cometbft
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
GSA_kwCzR0hTQS04Nmg1LXhjcHgtY2ZxY84AA5jS
ASA-2024-005: Potential slashing evasion during re-delegation
Ecosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS14NXI1LTJxcngtcnFqOM4AA5ik
Transparent TLS may not be applied to Marbles with certain manifest configurations
Ecosystems: go
Packages: github.com/edgelesssys/marblerun
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1xNmg4LTRqMnYtcGpnNM4AA5gv
Minder trusts client-provided mapping from repo name to upstream ID
Ecosystems: go
Packages: github.com/stacklok/minder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1mdnY1LWgyOWctZjZ3Nc4AA5dq
User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository
Ecosystems: go
Packages: github.com/treeverse/lakefs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Statistics
Advisories: 17,470
Packages: 8,115
Repositories: 531
Ecosystems: 12
Filter by Severity
Moderate 7,470 High 6,100 Critical 2,660 Low 958
Filter by Ecosystem
maven 5,492 npm 3,496 pypi 3,463 packagist 3,213 go 1,828 nuget 1,388 rubygems 812 cargo 772 swift 31 hex 29 actions 16 pub 8
Filter by Package
github.com/usememos/memos 59 github.com/mattermost/mattermost/server/v8 38 github.com/mattermost/mattermost-server/v6 37 github.com/answerdev/answer 34 k8s.io/kubernetes 30 github.com/argoproj/argo-cd 29 github.com/grafana/grafana 28 github.com/hashicorp/vault 28 github.com/hashicorp/nomad 26 github.com/hashicorp/consul 26 gogs.io/gogs 24 github.com/argoproj/argo-cd/v2 22 github.com/cilium/cilium 20 github.com/rancher/rancher 20 github.com/ethereum/go-ethereum 19 helm.sh/helm/v3 18 github.com/docker/docker 17 golang.org/x/net 17 github.com/goharbor/harbor 15 github.com/containerd/containerd 13 github.com/traefik/traefik/v2 13 code.gitea.io/gitea 13 github.com/nats-io/nats-server/v2 13 github.com/opencontainers/runc 12 github.com/cloudflare/cfrpki 11 github.com/moby/moby 11 github.com/openfga/openfga 11 github.com/cosmos/cosmos-sdk 10 github.com/go-gitea/gitea 10 github.com/greenpau/caddy-security 10 github.com/1Panel-dev/1Panel 10 github.com/sylabs/singularity 9 golang.org/x/crypto 9 github.com/zitadel/zitadel 9 github.com/containers/podman/v4 8 go.etcd.io/etcd 8 github.com/cri-o/cri-o 8 istio.io/istio 8 github.com/kubeedge/kubeedge 8 github.com/pomerium/pomerium 8 github.com/google/fscrypt 7 github.com/beego/beego 7 github.com/mattermost/mattermost-server 7 github.com/kubernetes/kubernetes 7 k8s.io/ingress-nginx 7 github.com/nats-io/jwt 7 github.com/traefik/traefik 7 helm.sh/helm 7 github.com/russellhaering/goxmldsig 6 github.com/beego/beego/v2 6 github.com/pion/dtls 6 github.com/treeverse/lakefs 6 github.com/gravitl/netmaker 6 github.com/hashicorp/go-getter 6 github.com/authzed/spicedb 6 github.com/hyperledger/fabric 6 github.com/fluxcd/flux2 6 github.com/sigstore/cosign 6 github.com/pterodactyl/wings 6 github.com/russellhaering/gosaml2 6 github.com/cubefs/cubefs 6 github.com/hashicorp/go-getter/v2 5 github.com/pion/dtls/v2 5 github.com/tidwall/gjson 5 github.com/kyverno/kyverno 5 github.com/schollz/croc/v9 5 github.com/tendermint/tendermint 5 github.com/mattermost/mattermost-server/v5 5 github.com/moby/buildkit 5 github.com/kiali/kiali 5 github.com/foxcpp/maddy 5 github.com/cometbft/cometbft 5 go.etcd.io/etcd/v3 5 github.com/traefik/traefik/v3 5 github.com/gofiber/fiber/v2 5 github.com/fluxcd/kustomize-controller 5 github.com/KubeOperator/kubepi 5 github.com/0xJacky/Nginx-UI 5 github.com/gophish/gophish 5 github.com/containers/buildah 5 github.com/free5gc/free5gc 4 github.com/aws/aws-sdk-go 4 github.com/ipfs/go-ipfs 4 github.com/crewjam/saml 4 github.com/arduino/arduino-create-agent 4 github.com/dhowden/tag 4 github.com/git-lfs/git-lfs 4 golang.org/x/net/http2 4 github.com/dexidp/dex 4 github.com/ory/fosite 4 github.com/gin-gonic/gin 4 github.com/open-policy-agent/opa 4 github.com/alist-org/alist/v3 4 github.com/argoproj/argo-workflows/v3 4 github.com/containers/podman/v3 4 github.com/concourse/concourse 4 github.com/oauth2-proxy/oauth2-proxy 4 github.com/casdoor/casdoor 4 github.com/hashicorp/go-getter/gcs/v2 4 github.com/hashicorp/go-getter/s3/v2 4 github.com/apache/trafficcontrol 4 github.com/IceWhaleTech/CasaOS-UserService 4 github.com/lestrrat-go/jwx 4 github.com/apache/incubator-answer 4 github.com/lestrrat-go/jwx/v2 4 github.com/syncthing/syncthing 3 github.com/owncast/owncast 3 github.com/projectcalico/calico 3 github.com/notaryproject/notation 3 github.com/mholt/archiver 3 github.com/docker/distribution 3 github.com/ory/oathkeeper 3 github.com/apache/servicecomb-service-center 3 github.com/quic-go/quic-go 3 github.com/hashicorp/vault/vault 3 github.com/crossplane/crossplane 3 github.com/miekg/dns 3 gopkg.in/yaml.v2 3 github.com/lightningnetwork/lnd 3 github.com/stacklok/minder 3 github.com/consensys/gnark 3 github.com/openshift/origin 3 github.com/ElrondNetwork/elrond-go 3 go.etcd.io/etcd/client/v3 3 github.com/crypto-org-chain/cronos 3 k8s.io/client-go 3 github.com/minio/minio 3 github.com/nats-io/jwt/v2 3 golang.org/x/text 3 github.com/sigstore/cosign/v2 3 github.com/flyteorg/flyteadmin 3 github.com/cheqd/cheqd-node 3 github.com/libp2p/go-libp2p 3 github.com/fluxcd/helm-controller 3 github.com/coredns/coredns 3 github.com/tharsis/evmos 3 github.com/phachon/mm-wiki 3 github.com/cortexproject/cortex 3 github.com/go-vela/server 3 github.com/jackc/pgx/v4 3 github.com/edgelesssys/constellation/v2 3 golang.org/x/image 3 github.com/hashicorp/boundary 3 github.com/caddyserver/caddy 3 kubevirt.io/kubevirt 3 github.com/weaveworks/weave-gitops 3 github.com/square/go-jose 3 github.com/artifacthub/hub 3 github.com/dutchcoders/transfer.sh 3 github.com/argoproj/argo-events 2 github.com/talos-systems/talos 2 github.com/hpcng/singularity 2 github.com/navidrome/navidrome 2 github.com/dvsekhvalnov/jose2go 2 github.com/go-vela/worker 2 github.com/jaegertracing/jaeger 2 github.com/multiversx/mx-chain-go 2 github.com/apptainer/apptainer 2 github.com/go-skynet/LocalAI 2 github.com/jackc/pgx 2 github.com/tiagorlampert/CHAOS 2 github.com/jackc/pgproto3 2 github.com/buildkite/elastic-ci-stack-for-aws/v6 2 Google.Protobuf 2 google/protobuf 2 github.com/protocolbuffers/protobuf 2 protobuf 2 github.com/jackc/pgproto3/v2 2 github.com/siderolabs/talos 2 github.com/woodpecker-ci/woodpecker 2 github.com/etcd-io/etcd 2 github.com/clastix/capsule-proxy 2 github.com/theupdateframework/go-tuf 2 github.com/flipped-aurora/gin-vue-admin/server 2 github.com/IceWhaleTech/CasaOS 2 github.com/gphper/ginadmin 2 github.com/sigstore/rekor 2 github.com/kitabisa/teler-waf 2 github.com/prometheus/prometheus 2 github.com/notaryproject/notation-go 2 github.com/microcosm-cc/bluemonday 2 github.com/pingcap/tidb 2 github.com/influxdata/influxdb 2 github.com/kata-containers/runtime 2 github.com/codenotary/immudb 2 github.com/google/exposure-notifications-verification-server 2 mellium.im/xmpp 2 github.com/apache/thrift 2 github.com/minio/console 2 github.com/ansible-semaphore/semaphore 2 github.com/unknwon/cae 2 github.com/hashicorp/terraform 2 google.golang.org/grpc 2 github.com/imgproxy/imgproxy/v3 2 github.com/mattermost/mattermost-plugin-jira 2 github.com/u-root/u-root 2 github.com/rancher/wrangler 2 sigs.k8s.io/secrets-store-csi-driver 2 github.com/gofiber/fiber 2 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp 2
Filter by Repository
https://github.com/usememos/memos 59 https://github.com/kubernetes/kubernetes 42 https://github.com/argoproj/argo-cd 36 https://github.com/answerdev/answer 34 https://github.com/go-gitea/gitea 23 https://github.com/grafana/grafana 21 https://github.com/rancher/rancher 21 https://github.com/cilium/cilium 20 https://github.com/gogs/gogs 20 https://github.com/helm/helm 19 https://github.com/hashicorp/consul 18 https://github.com/hashicorp/vault 16 https://github.com/etcd-io/etcd 16 https://github.com/goharbor/harbor 15 https://github.com/ethereum/go-ethereum 15 https://github.com/traefik/traefik 13 https://github.com/hashicorp/nomad 13 https://github.com/golang/go 13 https://github.com/containerd/containerd 13 https://github.com/moby/moby 13 https://github.com/openfga/openfga 11 https://github.com/opencontainers/runc 11 https://github.com/cloudflare/cfrpki 11 https://github.com/1Panel-dev/1Panel 10 https://github.com/greenpau/caddy-security 10 https://github.com/nats-io/nats-server 10 https://github.com/cosmos/cosmos-sdk 10 https://github.com/containers/podman 10 https://github.com/zitadel/zitadel 9 https://github.com/istio/istio 8 https://github.com/kubeedge/kubeedge 8 https://github.com/mattermost/mattermost 8 https://github.com/cri-o/cri-o 8 https://github.com/pomerium/pomerium 8 https://github.com/docker/docker 8 https://github.com/hpcng/singularity 7 https://github.com/kubernetes/ingress-nginx 7 https://github.com/google/fscrypt 7 https://github.com/beego/beego 7 https://github.com/sigstore/cosign 6 https://github.com/schollz/croc 6 https://github.com/pterodactyl/wings 6 https://github.com/pion/dtls 6 https://github.com/authzed/spicedb 6 https://github.com/containers/buildah 6 https://github.com/moby/buildkit 6 https://github.com/cubefs/cubefs 6 https://github.com/fluxcd/flux2 6 https://github.com/hyperledger/fabric 6 https://github.com/gravitl/netmaker 6 https://github.com/hashicorp/go-getter 6 https://github.com/treeverse/lakeFS 6 https://github.com/foxcpp/maddy 5 https://github.com/kyverno/kyverno 5 https://github.com/crewjam/saml 5 https://github.com/free5gc/free5gc 5 https://github.com/ipfs/go-ipfs 5 https://github.com/cometbft/cometbft 5 https://github.com/gofiber/fiber 5 https://github.com/gophish/gophish 5 https://github.com/argoproj/argo-workflows 5 https://github.com/0xJacky/nginx-ui 5 https://github.com/russellhaering/gosaml2 5 https://github.com/tidwall/gjson 5 https://github.com/tendermint/tendermint 5 https://github.com/oauth2-proxy/oauth2-proxy 4 https://github.com/arduino/arduino-create-agent 4 https://github.com/grafana/bugbounty 4 https://github.com/ory/fosite 4 https://github.com/casdoor/casdoor 4 https://github.com/containous/traefik 4 https://github.com/IceWhaleTech/CasaOS-UserService 4 https://github.com/aws/aws-sdk-go 4 https://github.com/siderolabs/talos 4 https://github.com/dhowden/tag 4 https://github.com/lestrrat-go/jwx 4 https://github.com/nats-io/jwt 4 https://github.com/dexidp/dex 4 https://github.com/concourse/concourse 4 https://github.com/git-lfs/git-lfs 4 https://github.com/caddyserver/caddy 4 https://github.com/open-policy-agent/opa 4 https://github.com/gin-gonic/gin 4 https://github.com/cheqd/cheqd-node 3 https://github.com/kiali/kiali 3 https://github.com/quic-go/quic-go 3 https://github.com/edgelesssys/constellation 3 https://github.com/artifacthub/hub 3 https://github.com/dutchcoders/transfer.sh 3 https://github.com/libp2p/go-libp2p 3 https://github.com/open-telemetry/opentelemetry-go-contrib 3 https://github.com/syncthing/syncthing 3 https://github.com/ipfs/boxo 3 https://github.com/openshift/origin 3 https://github.com/crossplane/crossplane 3 https://github.com/gogits/gogs 3 https://github.com/square/go-jose 3 https://github.com/tailscale/tailscale 3 https://github.com/cortexproject/cortex 3 https://github.com/alist-org/alist 3 https://github.com/moby/libnetwork 3 https://github.com/sylabs/singularity 3 https://github.com/stacklok/minder 3 https://github.com/flyteorg/flyteadmin 3 https://github.com/Consensys/gnark 3 https://github.com/minio/minio 3 https://github.com/ory/oathkeeper 3 https://github.com/go-vela/server 3 https://github.com/flipped-aurora/gin-vue-admin 3 https://github.com/phachon/mm-wiki 3 https://github.com/go-yaml/yaml 3 https://github.com/weaveworks/weave-gitops 3 https://github.com/evmos/evmos 3 https://github.com/KubeOperator/KubePi 3 https://github.com/ElrondNetwork/elrond-go 3 https://github.com/coreos/etcd 2 https://github.com/labstack/echo 2 https://github.com/labring/sealos 2 https://github.com/coredns/coredns 2 https://github.com/lightningnetwork/lnd 2 https://github.com/Masterminds/goutils 2 https://github.com/woodpecker-ci/woodpecker 2 https://github.com/containers/libpod 2 https://github.com/mattermost/mattermost-plugin-jira 2 https://github.com/mellium/xmpp 2 https://github.com/mholt/archiver 2 https://github.com/microcosm-cc/bluemonday 2 https://github.com/miekg/dns 2 https://github.com/Consensys/gnark-crypto 2 https://github.com/minio/console 2 https://github.com/sylabs/sif 2 https://github.com/codenotary/immudb 2 https://github.com/multiversx/mx-chain-go 2 https://github.com/heroiclabs/nakama 2 https://github.com/elastic/beats 2 https://github.com/hashicorp/terraform 2 https://github.com/envoyproxy/envoy 2 https://github.com/facebook/fbthrift 2 https://github.com/fkie-cad/yapscan 2 https://github.com/gphper/ginadmin 2 https://github.com/fleetdm/fleet 2 https://github.com/fluid-cloudnative/fluid 2 https://github.com/gotify/server 2 https://github.com/flynn/noise 2 https://github.com/vitessio/vitess 2 https://github.com/ulikunitz/xz 2 https://github.com/google/exposure-notifications-verification-server 2 https://github.com/unknwon/cae 2 https://github.com/golang/crypto 2 https://github.com/go-jose/go-jose 2 https://github.com/go-git/go-git 2 https://github.com/u-root/u-root 2 https://github.com/mutagen-io/mutagen 2 https://github.com/kubevirt/kubevirt 2 https://github.com/kubernetes-sigs/secrets-store-csi-driver 2 https://github.com/cosmos/ethermint 2 https://github.com/temporalio/temporal 2 https://github.com/crypto-org-chain/cronos 2 https://github.com/kitabisa/teler-waf 2 https://github.com/kitabisa/teler 2 https://github.com/distribution/distribution 2 https://github.com/jackc/pgproto3 2 https://github.com/ipld/go-codec-dagpb 2 https://github.com/drakkan/sftpgo 2 https://github.com/dvsekhvalnov/jose2go 2 https://github.com/influxdata/influxdb 2 https://github.com/imgproxy/imgproxy 2 https://github.com/IceWhaleTech/CasaOS 2 https://github.com/ecnepsnai/web 2 https://github.com/theupdateframework/go-tuf 2 https://github.com/sigstore/rekor 2 https://github.com/opencontainers/distribution-spec 2 https://github.com/swaggo/http-swagger 2 https://github.com/supranational/blst 2 https://github.com/openshift/apiserver-library-go 2 https://github.com/owncast/owncast 2 https://github.com/peterzen/goresolver 2 https://github.com/pingcap/tidb 2 https://github.com/apache/trafficcontrol 2 https://github.com/SAP/cloud-security-client-go 2 https://github.com/sajari/docconv 2 https://github.com/buger/jsonparser 2 https://github.com/pires/go-proxyproto 2 https://github.com/brokercap/Bifrost 2 https://github.com/russellhaering/goxmldsig 2 https://github.com/stripe/smokescreen 2 https://github.com/bottlerocket-os/bottlerocket 2 https://github.com/apptainer/apptainer 2 https://github.com/zalando/skipper 2 https://github.com/argoproj/argo-events 2 https://github.com/bitly/oauth2_proxy 2 https://github.com/projectcapsule/capsule-proxy 2 https://github.com/rancher/wrangler 2 https://github.com/projectdiscovery/nuclei 2 https://github.com/atredispartners/advisories 2 https://github.com/authelia/authelia 2 https://github.com/edgelesssys/marblerun 2 https://github.com/zinclabs/zinc 2 https://github.com/spiffe/spire 2