Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go

github.com/patrickhener/goshs/v2

go

View on github.com · View on proxy.golang.org

Security Advisories for github.com/patrickhener/goshs/v2 in go

Moderate
about 1 month ago

goshs has Cross-Origin Arbitrary File Write via Missing CSRF on PUT and Wildcard CORS GSA_kwCzR0hTQS1yaGY3LXd2dzMtdmp2bc4ABVrt

go github.com/patrickhener/goshs, github.com/patrickhener/goshs/v2
Low
about 2 months ago

Unauthenticated Open Redirect, Arbitrary HTTP Response Header Injection, Missing CSRF, and Invisible-Mode Bypass in goshs `/?redirect` endpoint GSA_kwCzR0hTQS03cXg2LWYyM3ctM3c3Zs4ABVTD

go github.com/patrickhener/goshs/v2, github.com/patrickhener/goshs
High
about 2 months ago

goshs's public collaborator feed leaks .goshs ACL credentials and enables unauthorized access GSA_kwCzR0hTQS03aDNqLTU5MnYtamNycM4ABVSu

go github.com/patrickhener/goshs/v2
Moderate
about 2 months ago

goshs has CSRF in state-changing GET routes enables authenticated file deletion and directory creation GSA_kwCzR0hTQS1qcnE1LWhnNngtajZnM84ABVSt

go github.com/patrickhener/goshs/v2
Critical
about 2 months ago

goshs has an empty-username SFTP password authentication bypass GSA_kwCzR0hTQS1jMjl3LXFxNG0tMmdjds4ABVSs

go github.com/patrickhener/goshs/v2, github.com/patrickhener/goshs
High
about 2 months ago

SFTP root escape via prefix-based path validation in goshs GSA_kwCzR0hTQS01aDZoLTdyYzktMzgyNM4ABVSr

go github.com/patrickhener/goshs/v2, github.com/patrickhener/goshs

Filter by Severity

Moderate 2 High 2 Low 1 Critical 1