Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go Security Advisories

Loading...
Low
GSA_kwCzR0hTQS14cjdwLThxODItODc4cc4AAwLZ
teler dashboard vulnerable to DOM-based cross-site scripting (XSS)
Ecosystems: go
Packages: teler.app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS14NDVjLWN2cDgtcTRmbc4AAwJ5
Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace
Ecosystems: go
Packages: github.com/clastix/capsule
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: over 1 year ago
High
GSA_kwCzR0hTQS00djQ4LTRxNW0tOHZ4NM4AAwJ2
Prometheus vulnerable to basic authentication bypass
Ecosystems: go
Packages: github.com/prometheus/prometheus/v2, github.com/prometheus/prometheus
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03cmcyLWN4dnAtOXA3cM4AAwIP
Prometheus Exporter-Toolkit is vulnerable to authentication bypass
Ecosystems: go
Packages: github.com/prometheus/exporter-toolkit
Source: GitHub Advisory Database
Blast Radius: 20.5
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00N3hoLXF4cXYtbWd2Z84AAwIN
kube-httpcache is vulnerable to Cross-Site Request Forgery (CSRF)
Ecosystems: go
Packages: github.com/mittwald/kube-httpcache
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1qMmpwLXd2cWctd2MyZ84AAwFN
crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication
Ecosystems: go
Packages: github.com/crewjam/saml
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1jdmg0LWNqYzktODRxbc4AAwFH
owncast is vulnerable to SQL Injection
Ecosystems: go
Packages: github.com/owncast/owncast
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS0yMnZjLTVwZ3ctNjQ0cc4AAwDN
KubeView vulnerable to full cluster takeover due to improper authentication
Ecosystems: go
Packages: github.com/benc-uk/kubeview
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS12NDJmLWhxNzgtOGM1bc4AAwBK
Denial of service in Mattermost
Ecosystems: go
Packages: github.com/mattermost/mattermost-server
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01anBoLXdycTctdjloZs4AAwBJ
Denial of service in Mattermost
Ecosystems: go
Packages: github.com/mattermost/mattermost-server
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 1 year ago
Low
GSA_kwCzR0hTQS1xY2NtLXdtY3EtcHdyNs4AAv_M
Tailscale daemon is vulnerable to information disclosure via CSRF
Ecosystems: go
Packages: tailscale.com/cmd
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS12cXA2LXJjM2gtODNjcM4AAv_L
Tailscale Windows daemon is vulnerable to RCE via CSRF
Ecosystems: go
Packages: tailscale.com
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 1 year ago
High
GSA_kwCzR0hTQS1wcDNmLXhydzUtcTVqNM4AAv_J
Lancet vulnerable to path traversal when unzipping files
Ecosystems: go
Packages: github.com/duke-git/lancet, github.com/duke-git/lancet/v2
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02Y3FqLTY5NjktcDU3eM4AAv-p
Lack of proper validation of server UUID can be used by the server to trick the client to accept invalid proofs
Ecosystems: go
Packages: github.com/codenotary/immudb
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02NzJwLW01anEtbXJoOM4AAv-o
Insufficient Verification of Proofs generated by the immudb server in client SDK.
Ecosystems: go
Packages: github.com/codenotary/immudb
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: over 1 year ago
High
GSA_kwCzR0hTQS1tNzR4LWZ4amgtM3FoOc4AAv9L
Free5gc vulnerable to uncontrolled resource consumption
Ecosystems: go
Packages: github.com/free5gc/free5gc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oYzgyLXc5djgtODNwcs4AAv8P
Witness Block Parsing DoS Vulnerability
Ecosystems: go
Packages: github.com/lightningnetwork/lnd
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tNXhmLXg3cTYtM3JtN84AAv8J
KubeVela VelaUX APIserver has SSRF vulnerability
Ecosystems: go
Packages: github.com/oam-dev/kubevela
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1ndzJnLWhoYzktd2dqaM4AAv5M
Missing Authorization in HashiCorp Consul
Ecosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: over 1 year ago
High
GSA_kwCzR0hTQS1wcmpxLWY0cTMtZnZmcs4AAv43
github.com/russellhaering/gosaml2 is vulnerable to NULL Pointer Dereference
Ecosystems: go
Packages: github.com/russellhaering/goxmldsig, github.com/russellhaering/gosaml2
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
High
GSA_kwCzR0hTQS1qcjc3LThneDQtaDVxaM4AAv0s
MessagePack for Golang subject to DoS via Unmarshal panic
Ecosystems: go
Packages: github.com/shamaton/msgpack/v2
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 1 year ago
Low
GSA_kwCzR0hTQS12cDM1LTg1cTUtOWYyNc4AAv0i
Container build can leak any path on the host into the container
Ecosystems: go
Packages: github.com/moby/moby
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05OWc1LTU2NDMteHBocM4AAv0J
mm-wiki is vulnerable to Cross-Site Scripting (XSS)
Ecosystems: go
Packages: github.com/phachon/mm-wiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
GSA_kwCzR0hTQS05Zm1jLTVmcTQtNWp3aM4AAvx0
HashiCorp Nomad vulnerable to Insufficient Session Expiration
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03d2c0LThtNXAtaHJmZ84AAvyQ
HashiCorp Nomad vulnerable to non-sensitive metadata exposure
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: over 1 year ago
High
GSA_kwCzR0hTQS02YzZwLWg3OWYtZzZwNM4AAvxx
Istio may allow identity impersonation if user has localhost access
Ecosystems: go
Packages: github.com/istio/istio
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS01bTdnLXBqOHctNzU5M84AAvxv
Vela Insecure Defaults
Ecosystems: go
Packages: github.com/go-vela/worker, github.com/go-vela/server
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0zZ2ZqLWZ4eDQtZjIyd84AAvv1
OpenFGA Authorization Bypass
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS0yY2hnLTg2aHEtN3czOM4AAvue
btcd mishandles witness size checking
Ecosystems: go
Packages: github.com/btcsuite/btcd, github.com/lightningnetwork/lnd
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS03ZnhqLWZyM3Ytcjlnas4AAvtj
TiDB vulnerable to Use of Externally-Controlled Format String
Ecosystems: go
Packages: github.com/pingcap/tidb
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1wbXc5LTU2N3AtNjhwY84AAvmZ
OctoRPKI crashes when max iterations is reached
Ecosystems: go
Packages: github.com/cloudflare/cfrpki
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14cXYyLTN2dnEtcWc2cs4AAvkJ
Hashicorp Boundary vulnerable to clickjacking
Ecosystems: go
Packages: github.com/hashicorp/boundary
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS03Z2M0LXI1anItOWh4ds4AAvim
Gin-vue-admin subject to Remote Code Execution via file upload vulnerability
Ecosystems: go
Packages: github.com/flipped-aurora/gin-vue-admin/server
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1mMnJqLW00MnItNmptMs4AAvil
Skipper vulnerable to SSRF via X-Skipper-Proxy
Ecosystems: go
Packages: github.com/zalando/skipper
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS12ajRtLTgzbTgteHB3Nc4AAvii
OpenFGA Authorization Bypass via tupleset wildcard
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1mNG1tLTJyNjktbWc1Zs4AAvih
OpenFGA Authorization Bypass
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05NXg3LW1oNzgtN3cycs4AAvig
OpenFGA subject to Information Disclosure via streamed-list-objects endpoint
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01OWhqLTYyZjUtZmdtY84AAvg6
free5GC vulnerable to malformed NGAP message crashing the AMF and NGAP decoders
Ecosystems: go
Packages: github.com/free5gc/free5gc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01anAyLXZ3cmotOTlyZs4AAvd3
Team scope authorization bypass when Post/Put request with :team_name in body, allows HTTP parameter pollution
Ecosystems: go
Packages: github.com/concourse/concourse
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1mNHA1LXg0dmMtbWg0ds4AAvcq
Improper use of metav1.Duration allows for Denial of Service
Ecosystems: go
Packages: github.com/fluxcd/source-controller/api, github.com/fluxcd/notification-controller/api, github.com/fluxcd/kustomize-controller/api, github.com/fluxcd/image-reflector-controller/api, github.com/fluxcd/image-automation-controller/api, github.com/fluxcd/helm-controller/api, github.com/fluxcd/image-reflector-controller, github.com/fluxcd/image-automation-controller, github.com/fluxcd/notification-controller, github.com/fluxcd/helm-controller, github.com/fluxcd/kustomize-controller, github.com/fluxcd/source-controller, github.com/fluxcd/flux2
Source: GitHub Advisory Database
Blast Radius: 10.5
Published: over 1 year ago
High
GSA_kwCzR0hTQS1teHJ4LWZnOHAtNXA1as4AAvaq
Bifrost vulnerable to authentication check flaw that leads to authentication bypass
Ecosystems: go
Packages: github.com/brokercap/Bifrost
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1qOTJjLW1tZjctajV4Nc4AAvaR
Potential inter-blockchain communication (IBC) protocol compromise via "Dragonberry" vulnerability in cheqd
Ecosystems: go
Packages: github.com/cheqd/cheqd-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS13OHh3LTdjcmYtaDIzeM4AAvXZ
Gitea vulnerable to Argument Injection
Ecosystems: go
Packages: github.com/go-gitea/gitea
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 1 year ago
High
GSA_kwCzR0hTQS02OWNoLXcybTItM3ZqcM4AAvV0
golang.org/x/text/language Denial of service via crafted Accept-Language header
Ecosystems: go
Packages: golang.org/x/text
Source: GitHub Advisory Database
Blast Radius: 40.9
Published: over 1 year ago
High
GSA_kwCzR0hTQS1xajZyLWZocmMtamo1cs4AAvUB
Remote denial of service in Hyperledger Fabric Gateway
Ecosystems: go
Packages: github.com/hyperledger/fabric
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03djNnLTQ4NzgtNXFyZs4AAvRN
Nomad Panics On Job Submission With Bad Artifact Stanza Source URL
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1tY2pqLTJmdnEtbWMzcs4AAvPZ
Gogs vulnerable to Cross-site Scripting
Ecosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1td3djLTNqdjItNjJqM84AAvPW
AdGuardHome vulnerable to Cross-Site Request Forgery
Ecosystems: go
Packages: github.com/AdguardTeam/AdGuardHome
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1jNmh4LXBqYzMtN2Zxcs4AAvOE
Traefik HTTP/2 connections management could cause a denial of service
Ecosystems: go
Packages: github.com/traefik/traefik/v2
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14Mjc5LTY4cnItanA0cM4AAvME
Blst vulnerable to incorrect results for some inputs in blst_fp_eucl_inverse function
Ecosystems: go
Packages: github.com/supranational/blst
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1wNjU4LTg2OTMtbWh2Z84AAvMD
Tendermint Core vulnerable to Uncontrolled Resource Consumption
Ecosystems: go
Packages: github.com/tendermint/tendermint
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS05M203LWM2OWYtNWNmas4AAvMA
xmlquery lacks check for whether LoadURL response is in XML format, causing denial of service
Ecosystems: go
Packages: github.com/antchfx/xmlquery
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: over 1 year ago
High
GSA_kwCzR0hTQS1tcXF2LWNocHgtdnEyNc4AAvL_
goxmldsig vulnerable to crash on nil-pointer dereference caused by sending malformed XML signatures
Ecosystems: go
Packages: github.com/russellhaering/gosaml2, github.com/russellhaering/goxmldsig
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
Low
GSA_kwCzR0hTQS05Z3A3LTY4MzMtd3Y4Oc4AAvLw
etcd having a negative value for cluster node size results in an index out-of-bound panic during service discovery
Ecosystems: go
Packages: go.etcd.io/etcd/client/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
GSA_kwCzR0hTQS01MjhqLTlyNzgtd2ZmeM4AAvLv
etcd user credentials are stored in WAL logs in plaintext
Ecosystems: go
Packages: go.etcd.io/etcd/client/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00OTkzLW03ZzUtcjloaM4AAvLu
etcd has no minimum password length
Ecosystems: go
Packages: go.etcd.io/etcd/client/v3
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: over 1 year ago
Low
GSA_kwCzR0hTQS1oOGc5LTZndmgtNW1yY84AAvLt
etcd vulnerable to TOCTOU of gateway endpoint authentication
Ecosystems: go
Packages: go.etcd.io/etcd/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tMzMyLTUzcjYtMnc5M84AAvLs
etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
Ecosystems: go
Packages: go.etcd.io/etcd/v3
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1ncjd3LXgyanAtM3hnd84AAvLr
Caddy vulnerable to Authentication Bypass due to mishandling of TLS client authentication
Ecosystems: go
Packages: github.com/caddyserver/caddy
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tNW0zLTQ2Z2otd2NoOM4AAvLn
SIF's Digital Signature Hash Algorithms Not Validated
Ecosystems: go
Packages: github.com/sylabs/sif/v2
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS02N3g0LXFyMzUtcXZybc4AAvK5
FlyteAdmin's Default OAuth Authorization Server secret must be rotated
Ecosystems: go
Packages: github.com/flyteorg/flyteadmin
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: over 1 year ago
High
GSA_kwCzR0hTQS0ydzZtLXE5NDYtMzk5cs4AAvKQ
Dapr Dashboard vulnerable to Incorrect Access Control
Ecosystems: go
Packages: github.com/dapr/dashboard
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS12aDdnLXAyNmMtajJjd84AAvJw
Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code
Ecosystems: go
Packages: github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS05cnB3LTJoOTUtNjY2Y84AAvJs
Cloudflare GoFlow vulnerable to a Denial of Service in the sflow packet handling package
Ecosystems: go
Packages: github.com/cloudflare/goflow/v3
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1wd3E3LWY3ZjktY20yas4AAvIC
Dutchoders transfer.sh contains an XSS vulnerability via malicious file upload
Ecosystems: go
Packages: github.com/dutchcoders/transfer.sh
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01cmM0LXY1bWotZzhjNM4AAvHH
Bytebase does not restrict low privilege user to access admin issues
Ecosystems: go
Packages: github.com/bytebase/bytebase
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1jcnhqLWhybXAtNHJ3Zs4AAvG8
Labstack Echo Open Redirect vulnerability
Ecosystems: go
Packages: github.com/labstack/echo/v4
Source: GitHub Advisory Database
Blast Radius: 41.3
Published: over 1 year ago
High
GSA_kwCzR0hTQS1jOXFyLWY2Yzgtcmd4Zs4AAvGw
Hertz contains path traversal via normalizePath function
Ecosystems: go
Packages: github.com/cloudwego/hertz
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1wNmZoLXhjNnItZzVod84AAvFp
Brokercap Bifrost subject to authentication bypass when using HTTP basic authentication
Ecosystems: go
Packages: github.com/brokercap/Bifrost
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tNjlyLTlnNTYtN212OM4AAvDf
HashiCorp Consul vulnerable to authorization bypass
Ecosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: over 1 year ago
High
GSA_kwCzR0hTQS05dzdqLXEzeHctcDl2aM4AAvDN
Hyperledger Fabric subject to Denial of Service via non-validated request
Ecosystems: go
Packages: github.com/hyperledger/fabric
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tN3c0LXE1dmctNXhmcM4AAvBm
Mattermost subject to Denial of Service via upload of special GIF
Ecosystems: go
Packages: github.com/mattermost/mattermost-server/v6
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: over 1 year ago
High
GSA_kwCzR0hTQS1ocjN2LThjcDMtNjhyZs4AAvAj
HashiCorp Consul does not properly validate node or segment names prior to usage in JWT claim assertions
Ecosystems: go
Packages: github.com/hashicorp/consul
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS1nbWhqLXhqZmgtY2Y2bc4AAvAc
Caddy-SSH vulnerable to Authorization Bypass due to incorrect usage of PAM library
Ecosystems: go
Packages: github.com/mohammed90/caddy-ssh
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1nN2o3LWg0cTgtOHcyZs4AAvAZ
Rancher API and cluster.management.cattle.io object vulnerable to plaintext storage and exposure of credentials
Ecosystems: go
Packages: github.com/rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS0yOHE5LTljM2ctdjNmOc4AAvAW
lakeFS vulnerable to authenticated users deleting files they are not authorized to delete
Ecosystems: go
Packages: github.com/treeverse/lakefs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS03Y2d2LXY4M3YtcnI4N84AAvAP
HashiCorp Vault vulnerable to incorrect metadata access
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1mZzI1LWdxOWctMzJteM4AAu9Y
Cross site scripting in Cloudreve
Ecosystems: go
Packages: github.com/cloudreve/Cloudreve/v3, github.com/HFO4/cloudreve
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1jZjdnLWNtN3EtcnE3Zs4AAu8S
SFTPGo WebClient vulnerable to Cross-site Scripting
Ecosystems: go
Packages: github.com/drakkan/sftpgo
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS1waGpyLThqOTItdzV2N84AAu6n
CRI-O incorrect handling of supplementary groups may lead to sensitive information disclosure
Ecosystems: go
Packages: github.com/cri-o/cri-o
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS00cDZmLW00ZjktY2g4OM4AAu2R
Binary vulnerable to Slice Memory Allocation with Excessive Size Value
Ecosystems: go
Packages: github.com/gagliardetto/binary
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1tdjh4LTY2OG0tNTNmZ84AAu2O
Elrond-go has improper initialization
Ecosystems: go
Packages: github.com/ElrondNetwork/elrond-go
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: over 1 year ago
High
GSA_kwCzR0hTQS01NHF4LThwOHcteGhnOM4AAu2C
SFTPGo vulnerable to recovery codes abuse
Ecosystems: go
Packages: github.com/drakkan/sftpgo/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1yYzRyLXdoMnEtcTZjNM4AAu15
Moby supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions
Ecosystems: go
Packages: github.com/moby/moby
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: over 1 year ago
High
GSA_kwCzR0hTQS14aG1mLW1tdjItNGhoeM4AAu14
Go-CVSS has Out-of-bounds Read vulnerability in ParseVector function
Ecosystems: go
Packages: github.com/pandatix/go-cvss
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14eDl3LTQ2NGYtN2g2Zs4AAu10
Harbor fails to validate the user permissions when updating a robot account
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04YzZwLXY4MzctNzdmNs4AAu1z
Harbor fails to validate the user permissions when updating tag immutability policies
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: over 1 year ago
High
GSA_kwCzR0hTQS1qZjhwLTN2amgtcHE5NM4AAu1y
Harbor fails to validate the user permissions when viewing Webhook policies
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 1 year ago
High
GSA_kwCzR0hTQS0zNjM3LXY2dnEteHFxd84AAu1x
Harbor fails to validate the user permissions when updating tag retention policies
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04Z3c3LTRqNDItdzM4OM4AAu1s
Cosign bundle can be crafted to successfully verify a blob even if the embedded rekorBundle does not reference the given signature
Ecosystems: go
Packages: github.com/sigstore/cosign
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: over 1 year ago
High
GSA_kwCzR0hTQS1wMmc3LXh3dnItcnJ3M84AAu1q
Helm Controller denial of service
Ecosystems: go
Packages: github.com/fluxcd/flux2, github.com/fluxcd/helm-controller
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: over 1 year ago
High
GSA_kwCzR0hTQS1mNTI0LXJmMzMtMmpqcs4AAu1k
OPA Compiler: Bypass of WithUnsafeBuiltins using "with" keyword to mock functions
Ecosystems: go
Packages: github.com/open-policy-agent/opa
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: over 1 year ago
High
GSA_kwCzR0hTQS03aGdjLXBocDUtNzdxcc4AAu1b
Talos worker join token can be used to get elevated access level to the Talos API
Ecosystems: go
Packages: github.com/talos-systems/talos
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qcjhqLTJqaHAtbTY3ds4AAu1Y
nftables binding to an already bound chain
Ecosystems: go
Packages: github.com/siderolabs/talos
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS0zNHZ3LW00cmgtcjM2cM4AAu1X
Talos vulnerable dependency due to race condition in Linux kernel's IP framework XFRM
Ecosystems: go
Packages: github.com/talos-systems/talos
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: over 1 year ago
Low
GSA_kwCzR0hTQS0zNjMzLTVoODItMzlwcc4AAu1W
Go-tuf Improperly handles multiple key IDs for the same public keys in attacker-controlled metadata
Ecosystems: go
Packages: github.com/theupdateframework/go-tuf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1nZ2Y2LTYzOG0tdnFtZ84AAuz0
Netmaker vulnerable to Insufficient Granularity of Access Control
Ecosystems: go
Packages: github.com/gravitl/netmaker
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 1 year ago
High
GSA_kwCzR0hTQS1wZnc0LXhqZ20tMjY3Y84AAuzz
Dendrite signature checks not applied to some retrieved missing events
Ecosystems: go
Packages: github.com/matrix-org/dendrite
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: over 1 year ago
High
GSA_kwCzR0hTQS1xdjk4LTMzNjktZzM2NM4AAuzr
KubeVirt vulnerable to arbitrary file read on host
Ecosystems: go
Packages: kubevirt.io/kubevirt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1yOTQ3LTJjcmcteGMzOc4AAuzX
ouqiang gocron Cross-site scripting vulnerability
Ecosystems: go
Packages: github.com/ouqiang/gocron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Statistics
Advisories: 17,470
Packages: 8,115
Repositories: 531
Ecosystems: 12
Filter by Severity
Moderate 7,470 High 6,100 Critical 2,660 Low 958
Filter by Ecosystem
maven 5,492 npm 3,496 pypi 3,463 packagist 3,213 go 1,828 nuget 1,388 rubygems 812 cargo 772 swift 31 hex 29 actions 16 pub 8
Filter by Package
github.com/usememos/memos 59 github.com/mattermost/mattermost/server/v8 38 github.com/mattermost/mattermost-server/v6 37 github.com/answerdev/answer 34 k8s.io/kubernetes 30 github.com/argoproj/argo-cd 29 github.com/hashicorp/vault 28 github.com/grafana/grafana 28 github.com/hashicorp/nomad 26 github.com/hashicorp/consul 26 gogs.io/gogs 24 github.com/argoproj/argo-cd/v2 22 github.com/rancher/rancher 20 github.com/cilium/cilium 20 github.com/ethereum/go-ethereum 19 helm.sh/helm/v3 18 github.com/docker/docker 17 golang.org/x/net 17 github.com/goharbor/harbor 15 github.com/traefik/traefik/v2 13 code.gitea.io/gitea 13 github.com/nats-io/nats-server/v2 13 github.com/containerd/containerd 13 github.com/opencontainers/runc 12 github.com/moby/moby 11 github.com/openfga/openfga 11 github.com/cloudflare/cfrpki 11 github.com/go-gitea/gitea 10 github.com/cosmos/cosmos-sdk 10 github.com/1Panel-dev/1Panel 10 github.com/greenpau/caddy-security 10 github.com/sylabs/singularity 9 golang.org/x/crypto 9 github.com/zitadel/zitadel 9 istio.io/istio 8 github.com/kubeedge/kubeedge 8 github.com/cri-o/cri-o 8 github.com/containers/podman/v4 8 github.com/pomerium/pomerium 8 go.etcd.io/etcd 8 helm.sh/helm 7 github.com/google/fscrypt 7 github.com/kubernetes/kubernetes 7 github.com/nats-io/jwt 7 k8s.io/ingress-nginx 7 github.com/beego/beego 7 github.com/mattermost/mattermost-server 7 github.com/traefik/traefik 7 github.com/gravitl/netmaker 6 github.com/hashicorp/go-getter 6 github.com/pion/dtls 6 github.com/russellhaering/gosaml2 6 github.com/russellhaering/goxmldsig 6 github.com/authzed/spicedb 6 github.com/fluxcd/flux2 6 github.com/sigstore/cosign 6 github.com/pterodactyl/wings 6 github.com/treeverse/lakefs 6 github.com/hyperledger/fabric 6 github.com/beego/beego/v2 6 github.com/cubefs/cubefs 6 github.com/hashicorp/go-getter/v2 5 github.com/tidwall/gjson 5 github.com/schollz/croc/v9 5 github.com/containers/buildah 5 github.com/mattermost/mattermost-server/v5 5 github.com/moby/buildkit 5 go.etcd.io/etcd/v3 5 github.com/cometbft/cometbft 5 github.com/gofiber/fiber/v2 5 github.com/traefik/traefik/v3 5 github.com/fluxcd/kustomize-controller 5 github.com/pion/dtls/v2 5 github.com/kyverno/kyverno 5 github.com/tendermint/tendermint 5 github.com/KubeOperator/kubepi 5 github.com/0xJacky/Nginx-UI 5 github.com/gophish/gophish 5 github.com/kiali/kiali 5 github.com/foxcpp/maddy 5 golang.org/x/net/http2 4 github.com/free5gc/free5gc 4 github.com/ory/fosite 4 github.com/crewjam/saml 4 github.com/aws/aws-sdk-go 4 github.com/arduino/arduino-create-agent 4 github.com/dhowden/tag 4 github.com/ipfs/go-ipfs 4 github.com/gin-gonic/gin 4 github.com/open-policy-agent/opa 4 github.com/alist-org/alist/v3 4 github.com/argoproj/argo-workflows/v3 4 github.com/oauth2-proxy/oauth2-proxy 4 github.com/containers/podman/v3 4 github.com/concourse/concourse 4 github.com/git-lfs/git-lfs 4 github.com/casdoor/casdoor 4 github.com/hashicorp/go-getter/gcs/v2 4 github.com/hashicorp/go-getter/s3/v2 4 github.com/apache/trafficcontrol 4 github.com/dexidp/dex 4 github.com/lestrrat-go/jwx 4 github.com/lestrrat-go/jwx/v2 4 github.com/IceWhaleTech/CasaOS-UserService 4 github.com/apache/incubator-answer 4 github.com/ElrondNetwork/elrond-go 3 github.com/syncthing/syncthing 3 github.com/lightningnetwork/lnd 3 github.com/ory/oathkeeper 3 github.com/openshift/origin 3 github.com/flyteorg/flyteadmin 3 github.com/crossplane/crossplane 3 k8s.io/client-go 3 github.com/docker/distribution 3 github.com/apache/servicecomb-service-center 3 gopkg.in/yaml.v2 3 github.com/miekg/dns 3 github.com/hashicorp/vault/vault 3 github.com/quic-go/quic-go 3 github.com/mholt/archiver 3 github.com/notaryproject/notation 3 github.com/projectcalico/calico 3 github.com/owncast/owncast 3 github.com/stacklok/minder 3 github.com/consensys/gnark 3 github.com/crypto-org-chain/cronos 3 github.com/nats-io/jwt/v2 3 github.com/sigstore/cosign/v2 3 github.com/cheqd/cheqd-node 3 github.com/coredns/coredns 3 github.com/libp2p/go-libp2p 3 go.etcd.io/etcd/client/v3 3 github.com/minio/minio 3 golang.org/x/text 3 github.com/fluxcd/helm-controller 3 github.com/tharsis/evmos 3 github.com/phachon/mm-wiki 3 github.com/cortexproject/cortex 3 github.com/go-vela/server 3 github.com/jackc/pgx/v4 3 github.com/edgelesssys/constellation/v2 3 golang.org/x/image 3 github.com/hashicorp/boundary 3 github.com/caddyserver/caddy 3 kubevirt.io/kubevirt 3 github.com/weaveworks/weave-gitops 3 github.com/square/go-jose 3 github.com/artifacthub/hub 3 github.com/dutchcoders/transfer.sh 3 github.com/argoproj/argo-events 2 github.com/talos-systems/talos 2 github.com/hpcng/singularity 2 github.com/navidrome/navidrome 2 github.com/dvsekhvalnov/jose2go 2 github.com/go-skynet/LocalAI 2 github.com/jaegertracing/jaeger 2 github.com/multiversx/mx-chain-go 2 github.com/apptainer/apptainer 2 github.com/go-vela/worker 2 github.com/jackc/pgx 2 github.com/tiagorlampert/CHAOS 2 github.com/jackc/pgproto3 2 github.com/buildkite/elastic-ci-stack-for-aws/v6 2 Google.Protobuf 2 google/protobuf 2 github.com/protocolbuffers/protobuf 2 protobuf 2 github.com/jackc/pgproto3/v2 2 github.com/siderolabs/talos 2 github.com/woodpecker-ci/woodpecker 2 github.com/etcd-io/etcd 2 github.com/clastix/capsule-proxy 2 github.com/theupdateframework/go-tuf 2 github.com/flipped-aurora/gin-vue-admin/server 2 github.com/IceWhaleTech/CasaOS 2 github.com/gphper/ginadmin 2 github.com/sigstore/rekor 2 github.com/kitabisa/teler-waf 2 github.com/prometheus/prometheus 2 github.com/notaryproject/notation-go 2 github.com/microcosm-cc/bluemonday 2 github.com/pingcap/tidb 2 github.com/influxdata/influxdb 2 github.com/kata-containers/runtime 2 github.com/codenotary/immudb 2 github.com/google/exposure-notifications-verification-server 2 mellium.im/xmpp 2 github.com/apache/thrift 2 github.com/minio/console 2 github.com/ansible-semaphore/semaphore 2 github.com/unknwon/cae 2 github.com/hashicorp/terraform 2 google.golang.org/grpc 2 github.com/imgproxy/imgproxy/v3 2 github.com/mattermost/mattermost-plugin-jira 2 github.com/u-root/u-root 2 github.com/rancher/wrangler 2 sigs.k8s.io/secrets-store-csi-driver 2 github.com/gofiber/fiber 2 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp 2
Filter by Repository
https://github.com/usememos/memos 59 https://github.com/kubernetes/kubernetes 42 https://github.com/argoproj/argo-cd 36 https://github.com/answerdev/answer 34 https://github.com/go-gitea/gitea 23 https://github.com/grafana/grafana 21 https://github.com/rancher/rancher 21 https://github.com/cilium/cilium 20 https://github.com/gogs/gogs 20 https://github.com/helm/helm 19 https://github.com/hashicorp/consul 18 https://github.com/hashicorp/vault 16 https://github.com/etcd-io/etcd 16 https://github.com/goharbor/harbor 15 https://github.com/ethereum/go-ethereum 15 https://github.com/traefik/traefik 13 https://github.com/hashicorp/nomad 13 https://github.com/golang/go 13 https://github.com/containerd/containerd 13 https://github.com/moby/moby 13 https://github.com/openfga/openfga 11 https://github.com/opencontainers/runc 11 https://github.com/cloudflare/cfrpki 11 https://github.com/1Panel-dev/1Panel 10 https://github.com/greenpau/caddy-security 10 https://github.com/nats-io/nats-server 10 https://github.com/cosmos/cosmos-sdk 10 https://github.com/containers/podman 10 https://github.com/zitadel/zitadel 9 https://github.com/istio/istio 8 https://github.com/kubeedge/kubeedge 8 https://github.com/mattermost/mattermost 8 https://github.com/cri-o/cri-o 8 https://github.com/pomerium/pomerium 8 https://github.com/docker/docker 8 https://github.com/hpcng/singularity 7 https://github.com/kubernetes/ingress-nginx 7 https://github.com/google/fscrypt 7 https://github.com/beego/beego 7 https://github.com/sigstore/cosign 6 https://github.com/schollz/croc 6 https://github.com/pterodactyl/wings 6 https://github.com/pion/dtls 6 https://github.com/authzed/spicedb 6 https://github.com/containers/buildah 6 https://github.com/moby/buildkit 6 https://github.com/cubefs/cubefs 6 https://github.com/fluxcd/flux2 6 https://github.com/hyperledger/fabric 6 https://github.com/gravitl/netmaker 6 https://github.com/hashicorp/go-getter 6 https://github.com/treeverse/lakeFS 6 https://github.com/foxcpp/maddy 5 https://github.com/kyverno/kyverno 5 https://github.com/crewjam/saml 5 https://github.com/free5gc/free5gc 5 https://github.com/ipfs/go-ipfs 5 https://github.com/cometbft/cometbft 5 https://github.com/gofiber/fiber 5 https://github.com/gophish/gophish 5 https://github.com/argoproj/argo-workflows 5 https://github.com/0xJacky/nginx-ui 5 https://github.com/russellhaering/gosaml2 5 https://github.com/tidwall/gjson 5 https://github.com/tendermint/tendermint 5 https://github.com/oauth2-proxy/oauth2-proxy 4 https://github.com/arduino/arduino-create-agent 4 https://github.com/grafana/bugbounty 4 https://github.com/ory/fosite 4 https://github.com/casdoor/casdoor 4 https://github.com/containous/traefik 4 https://github.com/IceWhaleTech/CasaOS-UserService 4 https://github.com/aws/aws-sdk-go 4 https://github.com/siderolabs/talos 4 https://github.com/dhowden/tag 4 https://github.com/lestrrat-go/jwx 4 https://github.com/nats-io/jwt 4 https://github.com/dexidp/dex 4 https://github.com/concourse/concourse 4 https://github.com/git-lfs/git-lfs 4 https://github.com/caddyserver/caddy 4 https://github.com/open-policy-agent/opa 4 https://github.com/gin-gonic/gin 4 https://github.com/cheqd/cheqd-node 3 https://github.com/kiali/kiali 3 https://github.com/quic-go/quic-go 3 https://github.com/edgelesssys/constellation 3 https://github.com/artifacthub/hub 3 https://github.com/dutchcoders/transfer.sh 3 https://github.com/libp2p/go-libp2p 3 https://github.com/open-telemetry/opentelemetry-go-contrib 3 https://github.com/syncthing/syncthing 3 https://github.com/ipfs/boxo 3 https://github.com/openshift/origin 3 https://github.com/crossplane/crossplane 3 https://github.com/gogits/gogs 3 https://github.com/square/go-jose 3 https://github.com/tailscale/tailscale 3 https://github.com/cortexproject/cortex 3 https://github.com/alist-org/alist 3 https://github.com/moby/libnetwork 3 https://github.com/sylabs/singularity 3 https://github.com/stacklok/minder 3 https://github.com/flyteorg/flyteadmin 3 https://github.com/Consensys/gnark 3 https://github.com/minio/minio 3 https://github.com/ory/oathkeeper 3 https://github.com/go-vela/server 3 https://github.com/flipped-aurora/gin-vue-admin 3 https://github.com/phachon/mm-wiki 3 https://github.com/go-yaml/yaml 3 https://github.com/weaveworks/weave-gitops 3 https://github.com/evmos/evmos 3 https://github.com/KubeOperator/KubePi 3 https://github.com/ElrondNetwork/elrond-go 3 https://github.com/coreos/etcd 2 https://github.com/labstack/echo 2 https://github.com/labring/sealos 2 https://github.com/coredns/coredns 2 https://github.com/lightningnetwork/lnd 2 https://github.com/Masterminds/goutils 2 https://github.com/woodpecker-ci/woodpecker 2 https://github.com/containers/libpod 2 https://github.com/mattermost/mattermost-plugin-jira 2 https://github.com/mellium/xmpp 2 https://github.com/mholt/archiver 2 https://github.com/microcosm-cc/bluemonday 2 https://github.com/miekg/dns 2 https://github.com/Consensys/gnark-crypto 2 https://github.com/minio/console 2 https://github.com/sylabs/sif 2 https://github.com/codenotary/immudb 2 https://github.com/multiversx/mx-chain-go 2 https://github.com/heroiclabs/nakama 2 https://github.com/elastic/beats 2 https://github.com/hashicorp/terraform 2 https://github.com/envoyproxy/envoy 2 https://github.com/facebook/fbthrift 2 https://github.com/fkie-cad/yapscan 2 https://github.com/gphper/ginadmin 2 https://github.com/fleetdm/fleet 2 https://github.com/fluid-cloudnative/fluid 2 https://github.com/gotify/server 2 https://github.com/flynn/noise 2 https://github.com/vitessio/vitess 2 https://github.com/ulikunitz/xz 2 https://github.com/google/exposure-notifications-verification-server 2 https://github.com/unknwon/cae 2 https://github.com/golang/crypto 2 https://github.com/go-jose/go-jose 2 https://github.com/go-git/go-git 2 https://github.com/u-root/u-root 2 https://github.com/mutagen-io/mutagen 2 https://github.com/kubevirt/kubevirt 2 https://github.com/kubernetes-sigs/secrets-store-csi-driver 2 https://github.com/cosmos/ethermint 2 https://github.com/temporalio/temporal 2 https://github.com/crypto-org-chain/cronos 2 https://github.com/kitabisa/teler-waf 2 https://github.com/kitabisa/teler 2 https://github.com/distribution/distribution 2 https://github.com/jackc/pgproto3 2 https://github.com/ipld/go-codec-dagpb 2 https://github.com/drakkan/sftpgo 2 https://github.com/dvsekhvalnov/jose2go 2 https://github.com/influxdata/influxdb 2 https://github.com/imgproxy/imgproxy 2 https://github.com/IceWhaleTech/CasaOS 2 https://github.com/ecnepsnai/web 2 https://github.com/theupdateframework/go-tuf 2 https://github.com/sigstore/rekor 2 https://github.com/opencontainers/distribution-spec 2 https://github.com/swaggo/http-swagger 2 https://github.com/supranational/blst 2 https://github.com/openshift/apiserver-library-go 2 https://github.com/owncast/owncast 2 https://github.com/peterzen/goresolver 2 https://github.com/pingcap/tidb 2 https://github.com/apache/trafficcontrol 2 https://github.com/SAP/cloud-security-client-go 2 https://github.com/sajari/docconv 2 https://github.com/buger/jsonparser 2 https://github.com/pires/go-proxyproto 2 https://github.com/brokercap/Bifrost 2 https://github.com/russellhaering/goxmldsig 2 https://github.com/stripe/smokescreen 2 https://github.com/bottlerocket-os/bottlerocket 2 https://github.com/apptainer/apptainer 2 https://github.com/zalando/skipper 2 https://github.com/argoproj/argo-events 2 https://github.com/bitly/oauth2_proxy 2 https://github.com/projectcapsule/capsule-proxy 2 https://github.com/rancher/wrangler 2 https://github.com/projectdiscovery/nuclei 2 https://github.com/atredispartners/advisories 2 https://github.com/authelia/authelia 2 https://github.com/edgelesssys/marblerun 2 https://github.com/zinclabs/zinc 2 https://github.com/spiffe/spire 2