github.com/getarcaneapp/arcane/backend Security Advisories - Go | Ecosyste.ms: Advisories

github.com/getarcaneapp/arcane/backend

View on github.com · View on proxy.golang.org

Security Advisories for github.com/getarcaneapp/arcane/backend in go

High

2 days ago

Arcane Has an Authenticated Arbitrary Host File Read via Docker Compose Include Directives GSA_kwCzR0hTQS1jM3B4LWgyMzMtaDZmcc4ABXq3

go github.com/getarcaneapp/arcane/backend

High

8 days ago

Arcane: Missing admin authorization on global variables endpoint GSA_kwCzR0hTQS1qcGpoLWptMnAtMzloaM4ABXQt

go github.com/getarcaneapp/arcane/backend

High

13 days ago

Arcane Backend: Unauthenticated reflected XSS via SVG color parameter enables admin account takeover GSA_kwCzR0hTQS1xMnBqLTh2ODQtOW1oNc4ABXAs

go github.com/getarcaneapp/arcane/backend

Moderate

13 days ago

Arcane Backend: OS Command Injection in Volume Browser ListDirectory via path query parameter GSA_kwCzR0hTQS05bXZtLTRnd2ctdjhtcM4ABXAh

go github.com/getarcaneapp/arcane/backend

Critical

13 days ago

Arcane Backend: Missing admin authorization on git repository endpoints allows non-admin users to exfiltrate stored Git credentials and tamper with GitOps configs GSA_kwCzR0hTQS03aDI2LWhnNDctcDloeM4ABXAg

go github.com/getarcaneapp/arcane/backend

High

about 1 month ago

Arcane Vulnerable to Unauthenticated Disclosure of Custom Compose Template Content (incl. `.env` secrets) GSA_kwCzR0hTQS1jeHgzLWhyNzUtNHE5Ns4ABV-t

go github.com/getarcaneapp/arcane/backend

High

about 2 months ago

Arcane has Unauthenticated SSRF with Conditional Response Reflection in Template Fetch Endpoint GSA_kwCzR0hTQS1mZjI0LTRwcmotZ3Btas4ABVGW

go github.com/getarcaneapp/arcane/backend

Critical

5 months ago

Arcane Has a Command Injection in Arcane Updater Lifecycle Labels That Enables RCE GSA_kwCzR0hTQS1nanFxLTZyMzUtdzNyOM4ABRIr

go github.com/getarcaneapp/arcane/backend

Filter by Severity

High 5 Critical 2 Moderate 1