2 matches found
CVE-2026-23991
go-tuf is a Go implementation of The Update Framework TUF. Starting in version 2.0.0 and prior to version 2.3.1, if the TUF repository or any of its mirrors returns invalid TUF metadata JSON valid JSON but not well formed TUF metadata, the client will panic during parsing, causing a denial of...
PT-2023-3996 · Unknown · Cloudpanel
Name of the Vulnerable Software and Affected Versions: CloudPanel versions 2.0.0 through 2.3.0 CloudPanel version 2.3.0 Description: The issue is related to insufficient access control in the File Manager component of CloudPanel, specifically when handling clp-fm cookie files without verifying...