311 matches found
GO-2026-4719 Romeo is vulnerable to Archive Slip due to missing checks in sanitization in github.com/ctfer-io/romeo/webserver
Romeo is vulnerable to Archive Slip due to missing checks in sanitization in github.com/ctfer-io/romeo/webserver...
GO-2026-4714 Romeo's invalid NetworkPolicy enables a malicious actor to pivot into another namespace in github.com/ctfer-io/romeo/environment/deploy
Romeo's invalid NetworkPolicy enables a malicious actor to pivot into another namespace in github.com/ctfer-io/romeo/environment/deploy. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...
CVE-2026-32805
Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.2, the sanitizeArchivePath function in webserver/api/v1/decoder.go lines 80-88 is vulnerable to a path...
CVE-2026-32737
Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from the "hardened" namespace to any Pod...
CVE-2026-32805 Romeo is vulnerable to Archive Slip due to missing checks in sanitization
Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.2, the sanitizeArchivePath function in webserver/api/v1/decoder.go lines 80-88 is vulnerable to a path...
CVE-2026-32737 Romeo's invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from the "hardened" namespace to any Pod...
Romeo Path Traversal Vulnerability
Romeo is an open-source Go application code coverage calculation tool developed by CTFer.io. Versions of Romeo prior to 0.2.2 contained a path traversal vulnerability. This vulnerability stemmed from defects in the path traversal checks, which could lead to arbitrary file writing...
Romeo Access Control Error Vulnerability
Romeo is an open-source Go application code coverage calculation tool developed by CTFer.io. Versions of Romeo prior to 0.2.1 contained an access control vulnerability, which was caused by improper network policy configuration and could lead to lateral movement...
CVE-2026-32805
creationtimestamp | type | source
---|---|---
2026-03-14 14:26:51+00:00 | published-proof-of-concept | https://github.com/ctfer-io/romeo/security/advisories/GHSA-p799-g7vv-f279...
MAL-2025-44456 Malicious code in grape-banana-romeo-dpkdl (npm)
The package grape-banana-romeo-dpkdl was found to contain malicious code...
MAL-2025-44118 Malicious code in elderberry-november-romeo-ondsq (npm)
The package elderberry-november-romeo-ondsq was found to contain malicious code...
MAL-2025-44256 Malicious code in fig-kiwi-romeo-iomwd (npm)
The package fig-kiwi-romeo-iomwd was found to contain malicious code...
MAL-2025-44623 Malicious code in hotel-elderberry-romeo-saxfp (npm)
The package hotel-elderberry-romeo-saxfp was found to contain malicious code...
Malicious code in elderberry-november-romeo-ondsq (npm)
The package elderberry-november-romeo-ondsq was found to contain malicious code...
Malicious code in hotel-elderberry-romeo-saxfp (npm)
The package hotel-elderberry-romeo-saxfp was found to contain malicious code...
Malicious code in fig-kiwi-romeo-iomwd (npm)
The package fig-kiwi-romeo-iomwd was found to contain malicious code...
Malicious code in alpha-watermelon-romeo-yivln (npm)
The package alpha-watermelon-romeo-yivln was found to contain malicious code...
MAL-2025-43437 Malicious code in alpha-watermelon-romeo-yivln (npm)
The package alpha-watermelon-romeo-yivln was found to contain malicious code...
MAL-2025-45121 Malicious code in mango-zucchini-romeo-xuonu (npm)
The package mango-zucchini-romeo-xuonu was found to contain malicious code...