8 matches found
PT-2026-46988
Name of the Vulnerable Software and Affected Versions Omni affected versions not specified Description An authenticated Operator can perform a same-host path traversal by exploiting the managementServer.CreateSchematic internal/backend/grpc/schematics.go function. The issue occurs because the...
github.com/go-resty/resty/v2 HTTP request body disclosure
A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...
GHSA-XWH9-GC39-5298 github.com/go-resty/resty/v2 HTTP request body disclosure
A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...
CVE-2023-45286
A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...
DEBIAN-CVE-2023-45286
A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...
Race condition
A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...
CVE-2023-45286
A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...
rclone -- Multiple vulnerabilities
Multiple vulnerabilities in ssh and golang CVE-2023-45286: HTTP request body disclosure in go-resty disclosure across requests. CVE-2023-48795: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...