Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.13 views

PT-2026-46988

Name of the Vulnerable Software and Affected Versions Omni affected versions not specified Description An authenticated Operator can perform a same-host path traversal by exploiting the managementServer.CreateSchematic internal/backend/grpc/schematics.go function. The issue occurs because the...

2.7CVSS5.9AI score0.00043EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/11/28 5:36 p.m.18 views

github.com/go-resty/resty/v2 HTTP request body disclosure

A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...

5.9CVSS7AI score0.00728EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2023/11/28 5:36 p.m.15 views

GHSA-XWH9-GC39-5298 github.com/go-resty/resty/v2 HTTP request body disclosure

A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...

5.9CVSS5.2AI score0.00728EPSS
Exploits1References8
NVD
NVD
added 2023/11/28 5:15 p.m.15 views

CVE-2023-45286

A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...

5.9CVSS0.00728EPSS
Exploits1References5
OSV
OSV
added 2023/11/28 5:15 p.m.3 views

DEBIAN-CVE-2023-45286

A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...

5.9CVSS5.6AI score0.00728EPSS
Exploits1References1
Prion
Prion
added 2023/11/28 5:15 p.m.25 views

Race condition

A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...

2.6CVSS6.8AI score0.00728EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2023/11/28 5:15 p.m.25 views

CVE-2023-45286

A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...

5.9CVSS6.1AI score0.00728EPSS
Exploits1References5
FreeBSD
FreeBSD
added 2023/11/28 12:0 a.m.33 views

rclone -- Multiple vulnerabilities

Multiple vulnerabilities in ssh and golang CVE-2023-45286: HTTP request body disclosure in go-resty disclosure across requests. CVE-2023-48795: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...

5.9CVSS7.5AI score0.9378EPSS
Exploits5References2
Rows per page
Query Builder